Splunk Search
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk oneshot returns empty results sometimes

ShaneReddy
New Member
‎12-14-2022 09:46 AM

I am using Python SDK to run Splunk queries at 10 minute interval to collect data for my application. I have nearly 300 queries that I need to run every 10 mins. I have 4 FID to run these 300 queries, so roughly 75 queries for one FID. And I am using ProcessPoolExecutor in Python to only execute 20 at a time so there is no concurrent limit reached issue.

What I am observing is I get the results sometimes and sometimes I get no data from Splunk but the connection to Splunk was successful and the query gets completed with no errors. Am I reaching any limits here?

 

 

splunkResultsReaderParameters={
"earliest_time": "-10m",
"latest_time": "now"
}
splunkReader="ResultsReader"

oneshotsearch_results = splunkService.jobs.oneshot(query, **splunkParams)
reader = results.ResultsReader(oneshotsearch_results)

 

 

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Index This | How many sides does a circle have?

  March 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

New This Month - Splunk Observability updates and improvements for faster ...

What’s New? This month, we’re delivering several enhancements across Splunk Observability Cloud for faster and ...

What's New in Splunk Cloud Platform 9.3.2411?

Hey Splunky People! We are excited to share the latest updates in Splunk Cloud Platform 9.3.2411. This release ...
Top