Getting duplicate results in POSTMAN for JSON Format

VijaySriS · 18 July 2020 06:05

Hi,

I am connecting to splunk REST API from POSTMAN to view the results, In SPLUNK I am able to see 1 log for the provided timeperiod, where as in POSTMAN I am able to see 4 logs.(Duplicate logs) for the same timeperiod.

NOTE: This is happening only for JSON Format, if I change the format to CSV, everything seems to be fine. Is there a way to avoid duplicates?

In the REST API CALL do I need to modify anything?

The REST API CALL which I am using is as below,

https://splunk-api-url:8089/servicesNS/nobody/appname/search/jobs/export?output_mode=json&segmentation=none&latest_time=2020-07-15T00%3A05%3A00.000&earliest_time=2020-07-15T00%3A00%3A00.000&search=|savedsearch%20savedsearchname%20|search%20Code=XXX-10-12

hannah.neil · 1 September 2020 05:48

Hi @VijaySriS–good question. I’m moving your post to the “help” category so that it may be answered. I removed your duplicate post, just so you know. Do you have any screenshots or code you may be able to add as an example here?