Hi Folks,   I am trying to get Splunk response from java using below method ---------------- public String executeSearch(String searchQuery) throws IOException { //String apiUrl = hostName + "/__raw/services/search/jobs/export?search=" + URLEncoder.encode(searchQuery, "UTF-8").replace("+", "%20"); String apiUrl = hostName + "/__raw/services/search/jobs/export?search=" + URLEncoder.encode(searchQuery, "UTF-8") .replace("+", "%2B") .replace("%3D", "=") .replace("%20", "+") .replace("%2A", "*") .replace("%3F", "?") .replace("%40", "@") .replace("%2C", ","); URL url = new URL(apiUrl); System.out.println("Value of Splunk URL is " + url); HttpURLConnection connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("GET"); String credentials = userName + ":" + password; String encodedCredentials = Base64.getEncoder().encodeToString(credentials.getBytes()); connection.setRequestProperty("Authorization", "Basic " + encodedCredentials); StringBuilder response = new StringBuilder(); try (BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()))) { String inputLine; while ((inputLine = in.readLine()) != null) { System.out.println("Response Line: " + inputLine); // Print each line of the response response.append(inputLine); } } return response.toString(); } public static void main(String[] args) { if (args.length < 10) { System.out.println("Insufficient arguments provided. Please provide all required arguments."); System.exit(1); // Exit with error code 1 } String hostName = args[0]; String userName = args[1]; String password = args[2]; String query = args[3]; String logFileLocation = args[4]; String fileName = args[5]; String fileType = args[6]; String startDate = args[7]; String endDate = args[8]; String time = args[9]; try { SplunkRestClient client = new SplunkRestClient(hostName, userName, password); String searchResult = client.executeSearch(query); System.out.println(searchResult); // Write search result to file String filePath = logFileLocation + File.separator + fileName + "." + fileType; Files.write(Paths.get(filePath), searchResult.getBytes()); // Check if file is empty File file = new File(filePath); if (file.length() == 0) { System.out.println("File is empty. Deleting..."); if (file.delete()) { System.out.println("File deleted successfully."); } else { System.out.println("Failed to delete file."); } } else { // Validate file contents (assuming JSON data) try { new JSONObject(new String(Files.readAllBytes(Paths.get(filePath)))); System.out.println("File contents are valid JSON."); } catch (Exception e) { System.out.println("File is corrupt. Deleting..."); /*if (file.delete()) { System.out.println("Corrupt file deleted successfully."); } else { System.out.println("Failed to delete corrupt file."); }*/ } } } catch (IOException e) { System.out.println("Error occurred while executing search: " + e.getMessage()); System.exit(2); // Exit with error code 2 } } ------------------------------- I am calling this java file using bat file :: All Splunk host name set host_nam=https://log01.oss.mykronos.com/en-US/app/search/search?earliest=@d&latest=now set host_cfn=https://cfn-log01.oss.mykronos.com/en-US/app/search/search?earliest=@d&latest=now set host_dcust=https://koss01-log01.oss.mykronos.com/en-US/app/search/search?earliest=@d&latest=now :: Splunk user name set username=******** :: Splunk user password set password=******** :: Splunk search query for CAN, AUS, EUR set query_kpi=index=*kpi* level=ERROR logger=KPI* set query_wfm=index=*wfm* level=ERROR logger=KPI* set file_type="JSON" set start_date="" set end_Date="" set time="3600" %JAVA_PATH% com.kronos.hca.daily.monitoring.processor.SplunkRestClient %host_nam% %username% %password% "%query_nam_kpi%" "%logFileLocation%" "%file_name_nam_kpi%" %file_type% %start_date% %end_Date% %time%,   ... View more

Hi,   I am running below query, however I am getting error saying relation "analytics_hca_change_indicator_event doesn't exist" even if table doesn't exist in any one of the schema | koogledimen service=TenantPPASQuery action=AdhocQuery targetGroup="keng03-dev01-ins08-wfm19-dbs" app="Unknown_App/ppas_dheeraj_r9int" schema="_ALL_" query="select date(createdtm), count(*) from analytics_hca_change_indicator_event group by createdtm " | eval envstatus=if(like(scope, "%dev01%"), 1, 0)| eval wfmstatus=if(like(scope, "%wfm19%"), 1, 0) | where envstatus=1 and wfmstatus=1 | eval wfm_schemaname = mvindex(split(scope, "-"), -1).schemaname| eval wfm_schemaname = mvindex(split(scope, "-"), -1)."_".schema_name | chart sum(count) by date,wfm_schemaname   How to handle this scenario please? ... View more

I want to hide columName from 2nd row onwards for below table <row> <panel> <title>STATS : SLI/SLO Dashboard count</title> <table> <search base="pubsubLatencyHighAckDelayDFBaseSearch"> <query> | stats values(serviceName) as serviceName count(eval(error=="failure")) as failureCount count(eval(error=="warning")) as warningCount</query> </search> </table> <html depends="$dontshow$"> <style> #tableWithHiddenHeader1 thead{ visibility:hidden; display:none; } </style> </html> <table id="tableWithHiddenHeader1"> <search base="dfLatencyOverallProcessingDelayBaseSearch"> <query> | stats values(serviceName) as serviceName count(eval(error=="failure")) as failureCount count(eval(error=="warning")) as warningCount</query> </search> </table> </panel> </row>   However when I am using visibility:hidden; display:none;  Alignment is bad, Attach is the screenshot ... View more