java - Splunk Java SDK 需要太多时间才能获得结果

Question

我正在尝试从 Splunk 获取 10 个事件。但是UI返回结果不到1秒需要40多分钟

        String token = "token";
    String host = "splunk.mycompany.com";
    Map<String, Object> result = new HashMap<>();
    result.put("host", host);
    result.put("token", token);
    HttpService.setSslSecurityProtocol(SSLSecurityProtocol.TLSv1_2);

    Service service = new Service(result);
    Job job = service.getJobs().create("search index=some_index earliest=-1h |head 10");
    while (!job.isReady()) {
        try {
            Thread.sleep(500); // 500 ms
        } catch (Exception e) {
            // Handle exception here.
        }
    }

    // Read results
    try {
        ResultsReader reader = new ResultsReaderXml(job.getEvents());

        // Iterate over events and print _raw field
        reader.forEach(event -> System.out.println(event.get("_raw")));

    } catch (Exception e) {
        // Handle exception here.
    }

这可能是什么原因？它也可能因超时异常而失败

此代码来自 Splunk java sdk GitHub 页面。由于 NDA，令牌、主机等从真实变为存根。

score 0 · Accepted Answer

0

问题出在主人身上。与 DevOps 团队合作并解决了它

于 2022-02-23T14:39:49.950 回答

java - Splunk Java SDK 需要太多时间才能获得结果

1 回答 1

Related

Reference