Solved: Re: How to wait for the SearchManager job to finis...

chrismok · ‎09-16-2014

Currently, I run the search query and get the last 3 records, basic on these records and generate the charts. However I find that the "save array job will run after the page load end", and the a.length is zero.

So I would like to know how I can wait for the query result first

 var scope = new SearchManager({
             "id": "scope",
             "status_buckets": 0,
             "search": "sourcetype=\"test_buildlog\" |table b",
             "app": utils.getCurrentApp(),
             "runWhenTimeIsUndefined": false
             }, {
                 tokens: true, tokenNamespace: "submitted"
         });

         var s = scope.data('results');
            s.on("data", function () {

                for (var n = 0; n <= r.data().rows.length - 1; n++) {
                  //insert the data to array
                    a.push(r.data().rows[n][0]);
                }


         for (var i = 0; i <= a.length - 1; i++) {
            ......
           ......basic on the array data create another search query
            ......
}

martin_mueller · ‎09-16-2014

You can listen to the "search:done" event on the SearchManager and proceed from there.

http://docs.splunk.com/Documentation/WebFramework -> Click SearchManager -> scroll down to events

View solution in original post

bhawkins1 · ‎02-21-2017

If you listen to SearchManager.on("search:done", fn); you'll not be able to reliably read result rows from SearchManager.data("results").data() - consistent with that, SearchManager.data("results").hasData() will sometimes return false.

Instead, use the results object's .on("data", fn); listener, like @slashnburn mentions above:

const search_man; // : SearchManager

const results = search_man.data("results");

results.on("data", () => {
    if (results.hasData()) {
        console.log(results.data().rows);
    }
});

martin_mueller · ‎09-16-2014

You can listen to the "search:done" event on the SearchManager and proceed from there.

http://docs.splunk.com/Documentation/WebFramework -> Click SearchManager -> scroll down to events

martin_mueller · ‎11-04-2014

I think part of your comment was lost.

In general, listening to "search:done" events works like this:

myResults.on("search:done", function() {
  console.log("Woohoo, all done!");
});

bhawkins1 · ‎02-21-2017

I just wasted a few hours working out why my code wasn't working, because the search:done listener is subtly annoying in that it makes no guarantee about the presence of its SearchManager's .data('results').hasData() value.

In other words. definitely prefer to use SearchManager.data("results").on("data") if you want to use the data values, and not just notify when the search is done.

bhawkins1 · ‎02-21-2017

To be more specific, I was running an array of search managers using the search:done listener and about 1 in 8 had no results when the query would otherwise produce them. This would also occur predictably and for the same queries. Changing the listener to results.on("data") solved the problem.

slashnburn · ‎11-04-2014

Could you provide a little more insight?

myResults = new SearchManager({
            id: "mysearch",
            search: "mycustomsearch",
            data: "results",
            status_buckets: 300,
            preview: true,
            cache: false
        }, {tokens: true}).data("results").on("data", function() {

How to wait for the SearchManager job to finish?

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector

Adoption of Infrastructure Monitoring at Splunk