I have these as the final lines of my bash script:
response=$(curl -H "Authorization: Bearer $access_token" -H "Accept: application/json;odata=verbose" -s "$url")
echo "$response"
echo "Test1"
The script runs, however only 'Test 1' is sent to the index/splunk.
My response, which I know returns the response of the curl command, seems to be being ignored. The only reason I can think for this is that it's too large a body?
The response is in json but is quite large, I'd say pages worth.
wc provides '0 2220 612208' as a response when I run the script myself.
However on splunk the echo returns 0 0 0 as an event
Anything helpful in splunkd.log?