Security
Highlighted

Why is there an authentication problem in the successive attempts for the same search id?

Explorer

I am trying to poll & consume the search id using curl and rest services from java. It often fails in the successive attempts, but the same query results output after attempting a minute+ timeout.

Is there any time limit that I have to give splunk before attempting to try for the same search ID?
Is there any threshold that splunk have for using the same session key?

curl -k -H "Authorization: Splunk session_key_of_mine"  <hostname>/services/search/jobs/1525281638.1001_01604640-0D89-43B7-9E19-60EE7915D7F8

curl -k -H "Authorization: Splunk session_key_of_mine"   <hostname>/services/search/jobs/1525281638.1001_01604640-0D89-43B7-9E19-60EE7915D7F8/results
Highlighted

Re: Why is there an authentication problem in the successive attempts for the same search id?

Path Finder

I have exactly the same questions, although as they apply to using the splunkjs sdk framework outside of Splunk (in an external web application). I've been struggling with repeated authentication failures for code that runs just fine other times - in particular after a long time has elapsed since the last authentication attempt-.
We need information on the limitations of these APIs or sdks, so we can write robust applications.

0 Karma