SDK for PHP Search with Append Throws Error

kmattern · ‎06-23-2014

I'm playing with the Splunk SDK for PHP and am enjoying it but whenever I use an append function in a search it throws the following error

•[EXCEPTION] HTTP 200 OK

The PHP code for the search looks like this:

$search='search index=portal sourcetype="portal" earliest=-7d@d latest=-d /SAR/ARH/gen_info* WebPage!="index.htm*"
| stats count(WebPage) as "General Information"
| append [search index=portal sourcetype="portal" earliest=-7d@d latest=-d /SAR/faq* WebPage!="index.htm*"
| stats count(WebPage) as "Help Line"]
| append [search index=portal sourcetype="portal" earliest=-7d@d latest=-d /SAR/ARH/media* WebPage!="index.htm*"
| stats count(WebPage) as "Media"]';

If I just run the first search I get results. Do I have to do anything special with append? I use it a lot.

I get the same error if I call this as a saved search. Other saved searches work in the SDK but this one will not. It runs perfectly in it's dashboard or manually.

kmattern · ‎06-25-2014

Apparently there is a bug in the PHP SDK. If I get a resolution I'll post it here.

SDK for PHP Search with Append Throws Error

Data Management Digest – December 2025

Index This | What is broken 80% of the time by February?

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Join the Conversation

SDK for PHP Search with Append Throws Error

Data Management Digest – December 2025

Index This | What is broken 80% of the time by February?

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...