Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Queries for an API user getting queued

boazr
Explorer
‎09-10-2019 01:13 PM

We have a Splunk cluster that is shared by multiple users/teams. We've set up an API user that makes calls to Splunk at a constant rate. Most of the time everything works fine, but every once in a while we see queries getting queued (for a short duration, but that is unacceptable for our specific use case).
We tried increasing the relevant configs in limits.conf, but the issue keeps occurring. Our assumption is that the API is getting queued when there are lots of other queries (from other users) running.

How can we guarantee that queries by the API user don't get queued? Is there a way to give a specific user/role a dedicated quota? Is there a way to enforce a limit on the quota of all other users/roles?

Reply

TRALORIX
Engager
‎12-29-2021 01:53 AM

I have the same problem. I must be able to get a API call result without any queuing mechanism.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Join Principal Threat Researcher, Michael Haag, as he walks through:An introduction to the Splunk Threat ...

Splunk Life | Happy Pride Month!

Happy Pride Month, Splunk Community! 🌈 In the United States, as well as many countries around the ...

SplunkTrust | Where Are They Now - Michael Uschmann

The Background Five years ago, Splunk published several videos showcasing members of the SplunkTrust to share ...