Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Splunk 6 REST API: Much slower than 5

twinspop
Influencer
‎12-10-2013 09:32 AM

I upgraded our indexers to Splunk 6 about 3 weeks ago. Our monitoring scripts use the REST interface to hit Splunk. Since the upgrade, calls to the REST API have slowed considerably. (Showing 95th % search run time for the REST API user.)

Anyone else notice similar?

I'm just starting the investigation. (Didn't notice til this morning - doh!) Pointers to likely sources of the delay appreciated.

Tags (3)
0 Karma
Reply

dball2
New Member
‎01-13-2016 11:13 AM

I have a similar problem, a query in the UI is taking around 10sec, and via searches export it takes > 4mins. Using splunk cloud API.

Incredibly slow. Someone should look at that .

0 Karma
Reply

ineeman
Splunk Employee
Splunk Employee
‎01-27-2014 07:20 PM

What OS are you running on? Also, the UI ends up using the API as well, so it is odd it is much faster in the UI. In the search inspector for both jobs (ones started from the UI and ones from the API), do you see any marked difference, especially in the 'request' field (which should be a JSON dictionary)?

0 Karma
Reply

austremestephen
New Member
‎01-27-2014 06:30 PM

version 6 API response is very slow compared with version 5.

0 Karma
Reply

twinspop
Influencer
‎01-17-2014 04:14 PM

For the record: In the case of one of my saved searches, I can run the exact same search through the GUI on the exact same indexer and get an answer back in 1.5s. If I use the API, the response takes 25-30s.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Building on the foundation established in our initial Value Insights releases, we are introducing the Savings ...

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...