How to return results in less than 1 second from S...

Anton_Pushkar_ · ‎02-21-2022

I am trying to get 10 events from Splunk. But it takes more than 40 minutes when UI returns results less than 1 sec

        String token = "token";
        String host = "splunk.mycompany.com";
        Map<String, Object> result = new HashMap<>();
        result.put("host", host);
        result.put("token", token);
        HttpService.setSslSecurityProtocol(SSLSecurityProtocol.TLSv1_2);

        Service service = new Service(result);
        Job job = service.getJobs().create("search index=some_index earliest=-1h |head 10");
        while (!job.isReady()) {
            try {
                Thread.sleep(500); // 500 ms
            } catch (Exception e) {
                // Handle exception here.
            }
        }

        // Read results
        try {
            ResultsReader reader = new ResultsReaderXml(job.getEvents());

            // Iterate over events and print _raw field
            reader.forEach(event -> System.out.println(event.get("_raw")));

        } catch (Exception e) {
            // Handle exception here.
        }

What can be a cause of this? This code is from Splunk java sdk GitHub page. Token, host, etc. are changed from real to stub due to NDA

How to return results in less than 1 second from Splunk java SDK?

SDK

SplunkJS

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!