Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to delay with search result when run via Splunk API?

surabhi
New Member
‎03-24-2023 03:24 AM

Hi,

 

We have a platform where lot of dashboards are populated using splunk searches via splunk api call.

All the query runs fine and brings results in 30-40 secs however there is one query which brings results in around 5 mins. The query is not complex and runs within seconds on splunk search heads and I also used postman to check how long it takes- it was around seconds on postman as well. I beleive there is no issue at query end.

I checked the splunk logs for that particular SID which took 5 mins to run: I see below ERROR logs:

ERROR SHCRepJob [18757 SHPPushExecutorWorker-0] - failed job=SHPRepJob peer="splunk-search head", guid="xxx" aid=xxx, tgtPeer="splunk-search head ", tgtGuid="xxx", tgtRP=xxx, useSSL=false tgt_hp=xx:8089 tgt_guid=xx replicate?output_mode=json, error=500 - Failed to trigger replication (artifact='xxx Job id') (err='event=SHPSlave::replicateArtifactTo invalid status=alive to be a source for replication')

Any idea about this error. Because i do see this error on other queries SID which are running fine. I am not sure what exactly is the reason for delay.

Labels (1)
Labels
0 Karma
Reply
Register for .conf25!
Get Updates on the Splunk Community!

Why You Can't Miss .conf25: Unleashing the Power of Agentic AI with Splunk & Cisco

The Defining Technology Movement of Our Lifetime The advent of agentic AI is arguably the defining technology ...

Deep Dive into Federated Analytics: Unlocking the Full Power of Your Security Data

In today’s complex digital landscape, security teams face increasing pressure to protect sprawling data across ...

Your summer travels continue with new course releases

Summer in the Northern hemisphere is in full swing, and is often a time to travel and explore. If your summer ...
Top