How to return results in less than 1 second from S...

Anton_Pushkar_ · ‎02-21-2022

I am trying to get 10 events from Splunk. But it takes more than 40 minutes when UI returns results less than 1 sec

        String token = "token";
        String host = "splunk.mycompany.com";
        Map<String, Object> result = new HashMap<>();
        result.put("host", host);
        result.put("token", token);
        HttpService.setSslSecurityProtocol(SSLSecurityProtocol.TLSv1_2);

        Service service = new Service(result);
        Job job = service.getJobs().create("search index=some_index earliest=-1h |head 10");
        while (!job.isReady()) {
            try {
                Thread.sleep(500); // 500 ms
            } catch (Exception e) {
                // Handle exception here.
            }
        }

        // Read results
        try {
            ResultsReader reader = new ResultsReaderXml(job.getEvents());

            // Iterate over events and print _raw field
            reader.forEach(event -> System.out.println(event.get("_raw")));

        } catch (Exception e) {
            // Handle exception here.
        }

What can be a cause of this? This code is from Splunk java sdk GitHub page. Token, host, etc. are changed from real to stub due to NDA

How to return results in less than 1 second from Splunk java SDK?

SDK

SplunkJS

AppDynamics Summer Webinars

SOCin’ it to you at Splunk University

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Are you a member of the Splunk Community?

How to return results in less than 1 second from Splunk java SDK?

SDK

SplunkJS

AppDynamics Summer Webinars

SOCin’ it to you at Splunk University

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor