Why is there an authentication problem in the successive attempts for the same search id?


I am trying to poll & consume the search id using curl and rest services from java. It often fails in the successive attempts, but the same query results output after attempting a minute+ timeout.

Is there any time limit that I have to give splunk before attempting to try for the same search ID?
Is there any threshold that splunk have for using the same session key?

curl -k -H "Authorization: Splunk session_key_of_mine"  <hostname>/services/search/jobs/1525281638.1001_01604640-0D89-43B7-9E19-60EE7915D7F8

curl -k -H "Authorization: Splunk session_key_of_mine"   <hostname>/services/search/jobs/1525281638.1001_01604640-0D89-43B7-9E19-60EE7915D7F8/results


I have exactly the same questions, although as they apply to using the splunkjs sdk framework outside of Splunk (in an external web application). I've been struggling with repeated authentication failures for code that runs just fine other times - in particular after a long time has elapsed since the last authentication attempt-.
We need information on the limitations of these APIs or sdks, so we can write robust applications.

0 Karma
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Using the Splunk Threat Research Team’s Latest Security Content

REGISTER HERE Tech Talk | Security Edition Did you know the Splunk Threat Research Team regularly releases ...

SplunkTrust | 2024 SplunkTrust Application Period is Open!

It's that time again, folks! That's right, the application/nomination period for the 2024 SplunkTrust is ...