Solved: How to catch information from inspector job?

jip31 · ‎03-11-2019

Hi

I would like to catch the information in the example below:

This search has completed and has returned 1 000 résultat by scanning 2 610 582 événement in 220,758 seconds

These information comes from the job inspector.
How can I catch information and the response time?

Thanks a lot

harsmarvania57 · ‎03-11-2019

Hi,

You can access these details in _audit index. If you have access to _audit index then try to run search index=_audit search_id=* info=completed this will provide run time, event count, result count etc.

View solution in original post

harsmarvania57 · ‎03-11-2019

Hi,

You can access these details in _audit index. If you have access to _audit index then try to run search index=_audit search_id=* info=completed this will provide run time, event count, result count etc.

jip31 · ‎03-11-2019

thanks a lot

How to catch information from inspector job?

[Puzzles] Solve, Learn, Repeat: Word Search

[Puzzles] Solve, Learn, Repeat: Advent of Code - Day 4

GA: S3 Promote for Historical Data Ingestion in Splunk Cloud

Join the Conversation

How to catch information from inspector job?

[Puzzles] Solve, Learn, Repeat: Word Search

[Puzzles] Solve, Learn, Repeat: Advent of Code - Day 4

GA: S3 Promote for Historical Data Ingestion in Splunk Cloud