Hi Guys,

I am using Splunk SDK to export a query to get the following data:

import time
import splunklib.client as client
import splunklib.results as results
import json
import requests
from dateutil.parser import parse

HOST = "xxxx"
PORT = xxxx
USERNAME = "xxxx"
PASSWORD = "xxxx"

service = client.connect(
host=HOST,
port=PORT,
username=USERNAME,
password=PASSWORD)

query='index=*    earliest=-5m        | regex "(?i)\D(?:0[1-9]|[12]\d|3[01])([\/.-])(?:0[1-9]|1[1-9])\1(?:19)\d\d|(?:19)\d\d([\/.-])(?:0[1-9]|[12]\d|3[01])([\/.-])(?:0[1-9]|[12]\d|3[01])\D" | rex "(?i)(?(19\d\d([\/.-])\d\d([\/.-])\d{1,2})|(\d\d([\/.-])\d{1,2}([\/.-])19\d\d))"|search dob=* AND dob!="1969-12-31"| table dob _raw index host source| stats first(dob) first(_raw) by index host source' 

while True:

    rr = results.ResultsReader(service.jobs.export(query))
    for result in rr:
        print(result)