Hi,
I am connecting to splunk REST API from POSTMAN to view the results, In SPLUNK I am able to see 1 log for the provided timeperiod, where as in POSTMAN I am able to see 4 logs.(Duplicate logs) for the same timeperiod.
NOTE: This is happening only for JSON Format, if I change the format to CSV, everything seems to be fine. Is there a way to avoid duplicates?
In the REST API CALL do I need to modify anything?
The REST API CALL which I am using is as below,
https://splunk-api-url:8089/servicesNS/nobody/appname/search/jobs/export?output_mode=json&segmentation=none&latest_time=2020-07-15T00%3A05%3A00.000&earliest_time=2020-07-15T00%3A00%3A00.000&search=|savedsearch%20savedsearchname%20|search%20Code=XXX-10-12
Hi @VijaySriS–good question. I’m moving your post to the “help” category so that it may be answered. I removed your duplicate post, just so you know. Do you have any screenshots or code you may be able to add as an example here?