cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
DreadEclipse
Explorer
Member since: ‎06-02-2016
‎06-05-2020
Community Statistics
Posts 5
Solutions 1
Karma Given 16
Karma Received 0
Member Since ‎06-02-2016
Activity Feed
View All

Re: What is the fastest way to turn Splunk search ...

by in Splunk Search
‎06-06-2016 10:36 AM
‎06-06-2016 10:36 AM
So, it turns out the easiest way to grab data is just to do a straight out search. Use the .export command in java and then, in the parenthesis type exactly the same search you put into Splunk, but type "search " in front with a space after it. This will give an overall search. To search for a specific time range, add "earliest=-" followed by the time range (like 1h for one hour or 15s for fifteen seconds), without the quotes, of course. This takes the search from about 3 hours to about 6 seconds, a very nice 180,000% increase in performance! ... View more

Re: Connecting to splunk enterprise using splunk s...

by in Splunk Dev
‎06-03-2016 07:46 AM
‎06-03-2016 07:46 AM
I downvoted this post because not enough information ... View more

Re: Why am I getting "Maximum disk usage quota has...

by in Splunk Search
‎06-03-2016 07:27 AM
‎06-03-2016 07:27 AM
Even when you close out of a Splunk query, it might still be active until either you delete it or the internet finishes the full search. Calls from external sources might be slower than calling through Splunk's internet site. There can also be multiple tabs under the drop-down menu where your searches are stored. Make sure to check all of the types of searches and not just the defaults. There is an all button for your convenience. ... View more

Re: Using Java to make a REST API call to Splunk, ...

by in Splunk Search
‎06-02-2016 02:02 PM
‎06-02-2016 02:02 PM
I was having the same trouble just two days ago. Have you checked with the people in charge of the server where you work? It might be that the Host name or else the Port have changed or else something has happened to your personal information in the last two days (well, since the 22nd of May). Are you trying to access Splunk through a different source than you used before? When I switched from accessing purely by the internet to using Java, my system gave me the same error. It turns out, if your password has any control characters, you'll need to HTML hard code them into the String or else they might not work every time. Hope this helps! ... View more

What is the fastest way to turn Splunk search resu...

by in Splunk Search
‎06-02-2016 01:44 PM
‎06-02-2016 01:44 PM
I am writing a series of programs to make regular calls to the Splunk server and quickly sort the results of a search. The only language I use is Java, specifically the Eclipse IDE. I have the Splunk SDK downloaded and installed and added successfully to my Eclipse project. I have successfully connected to splunk using my credentials. My goal is to access the splunk dashboard and retrieve all the events that result from a specific search, returning them as Strings or else in a .txt file. I have read the documentation extensively and tried several solutions including service.export and MultiResultsReaderXml but neither seem speedy enough for my desires and neither seems to produce the Strings I need, namely the specific words of the Events from the search. Both seem like they would have to run for hours just to run a query on a one second time frame. I need to be able to search at least an hour. Since the beginning of time would be even better. The rest of the program is designed to use the text shown in the Splunk events, and should work once I have this last piece. Whether there is a quicker way or not, please let me know. Thanks! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to