Re: Splunk DB Connect 2: Is there a known search p... - Page 2

hmozaffari · ‎06-11-2015

Hi

Have you noticed any search performance issue when running dbxquery query? When I run a simple DB query like this

| dbxquery query="SELECT%201%20FROM%20DUAL" connection="AAA"

It takes 25 seconds to return the result. It is pointing to Oracle database and when I use any other client and run the same query it takes less than a second.
When I check the "Health" page and transaction, the DURATION is reported as 0.1 second which looks correct and the real time spent on database. But still it takes 25 seconds to get the query result.

Even enter a query with wrong SQL syntax and it takes 25 seconds to return the error:

| dbxquery query="YYYYYY" connection="AAA"

Thanks

hmozaffari · ‎06-15-2015

Thanks! Actually McAffee is running on my machine. I monitored the resources and couldn't find any bottleneck. Overall I have no performance issue with none-DB queries.

I'm not a Python expert but added some logs in dpquery.py and noticed the majority of time is spent by these two methods calls:
1- Getting a connection: self.db, self.db_health = self.get_connection(db)
2- The decorator: @health.Logger("dbquery:execute_query", health.DB)

Splunk DB Connect 2: Is there a known search performance issue with running dbxquery?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

May 2026 Splunk Expert Sessions: Security & Observability

Network to App: Observability Unlocked [May & June Series]

SPL2 Deep Dives, AppDynamics Integrations, SAML Made Simple and Much More on Splunk ...

Join the Conversation