How to return results in less than 1 second from S...

Anton_Pushkar_ · ‎02-21-2022

I am trying to get 10 events from Splunk. But it takes more than 40 minutes when UI returns results less than 1 sec

        String token = "token";
        String host = "splunk.mycompany.com";
        Map<String, Object> result = new HashMap<>();
        result.put("host", host);
        result.put("token", token);
        HttpService.setSslSecurityProtocol(SSLSecurityProtocol.TLSv1_2);

        Service service = new Service(result);
        Job job = service.getJobs().create("search index=some_index earliest=-1h |head 10");
        while (!job.isReady()) {
            try {
                Thread.sleep(500); // 500 ms
            } catch (Exception e) {
                // Handle exception here.
            }
        }

        // Read results
        try {
            ResultsReader reader = new ResultsReaderXml(job.getEvents());

            // Iterate over events and print _raw field
            reader.forEach(event -> System.out.println(event.get("_raw")));

        } catch (Exception e) {
            // Handle exception here.
        }

What can be a cause of this? This code is from Splunk java sdk GitHub page. Token, host, etc. are changed from real to stub due to NDA

How to return results in less than 1 second from Splunk java SDK?

SDK

SplunkJS

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

A Prelude to .conf25: Your Guide to Splunk University

4 Ways the Splunk Community Helps You Prepare for .conf25

Are you a member of the Splunk Community?

How to return results in less than 1 second from Splunk java SDK?

SDK

SplunkJS

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

A Prelude to .conf25: Your Guide to Splunk University

4 Ways the Splunk Community Helps You Prepare for .conf25