Use this splunk search to get datails about alert actions | rest /services/saved/searches splunk_server=local count=0 |table title,actions
Get Sourcetype and Index Info via TSTATS
Use the following simple tstats query to return the latest time events came in for a given index as well as list all sourcetypes for each index: |tstats values(sourcetype) as Sourcetype latest(_time) as Time groupby index | convert ctime(Time)
REST Call for a list of Lookup Files
Use this splunk search to get a list of all lookup files: | rest /services/data/transforms/lookups | table eai:acl.app eai:appName filename title fields_list updated id
REST Call for Splunk Server Role Status
This REST Splunk search returns the status of roles on each Splunk server in your environment. | rest /services/server/introspection | table title splunk_server status updated
