All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

REST API Modular Input: How do I adjust the frequency the REST API makes HTTP requests?

bruce845
Explorer
‎07-23-2015 05:37 AM

I need that REST API makes HTTP requests only once a minute. How I make this?

This API makes many requests per minute. I don't need this. I can't adjust the frequency of requests.

I change the field "Sequential Stagger Time", but this doesn't do anything.

0 Karma
Reply

Damien_Dallimor
Ultra Champion
‎07-23-2015 05:49 AM

The polling interval parameter controls the frequency of requests.The default is 60 seconds.

As per the description in the UI :

alt text

If you are seeing more requests, then perhaps my guesses are :

1) you have errors , search with "index_internal ExecProcessor error rest.py" to find any
2) you have some other rest.py processes in the background doing things

Preview file
1 KB
0 Karma
Reply

bruce845
Explorer
‎07-23-2015 06:10 AM

So,

  1. I didn't find any erros. This API executes perfectly;
  2. When I disable, the requests stops immediately.

Below, the content of inputs.conf without some confidentiality attributes

[rest://RequestFresh]
auth_type = basic
http_header_propertys = Content-Type=application/json
http_method = GET
index = freshdesk
index_error_response_codes = 0
response_type = json
sequential_mode = 0
sourcetype = freshdesk
streaming_request = 0
url_args = format=json,page=1
disabled = 1
sequential_stagger_time = 
polling_interval = 600000
0 Karma
Reply

Damien_Dallimor
Ultra Champion
‎07-24-2015 05:05 AM

Are you performing token replacement in the URL ?

Also, just an observation 600000 should be 60 (seconds).

There was a typo in my error search string above , try this in Splunk:

index=_internal ExecProcessor error rest.py
0 Karma
Reply

bruce845
Explorer
‎07-24-2015 05:45 AM

Thank you for efforts on helping me, but:

I'm not perfoming token replacement.

I put 600000 for tests and other higher values, but the frequency of requests remains unchanged.

I tried this search query, but it didn't return any results. The app indexes responses perfectly, but tcpdump in Linux confirms the number of requests.

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...