Yes, cURL gives me results, delayed by around 30-40 seconds. Node.js doesn't give me ANY results, which is weird, considering I am using the standard request from the documentation. I've re-checked my code 10 times.
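/**
 * Start a Splunk real-time search through the export endpoint and log the
 * streamed response to the console.
 *
 * @param {string} searchQuery - Search string sent as the `search` form field.
 *   It runs with the privileges of the account in the Authorization header,
 *   so callers should not pass untrusted input through unvalidated.
 * @param {Function} callback - Accepted for interface compatibility; this
 *   snippet never invokes it.
 */
function startRealTimeSearch(searchQuery, callback) {
  // POST body. qs.stringify URL-encodes every value, so the query text cannot
  // add extra form fields to the request.
  const searchBody = qs.stringify({
    'search': searchQuery,
    'earliest_time': 'rt',
    'latest_time': 'rt',
    'output_mode': 'json',
  });

  // I've replaced the data with placeholders
  const options = {
    hostname: 'splunk_instance_address',
    port: 'port_number',
    path: '/services/search/jobs/export',
    method: 'POST',
    headers: {
      // NOTE(review): Basic credentials are base64-encoded, not encrypted.
      // Load them from the environment or a secret store instead of source,
      // and leave TLS certificate verification enabled for this connection.
      'Authorization': 'Basic base64_encoded_data',
      // Declare the body format and size explicitly. Without Content-Length
      // Node sends the body with chunked transfer encoding; whether that is
      // what keeps the endpoint silent here is not confirmed.
      'Content-Type': 'application/x-www-form-urlencoded',
      'Content-Length': Buffer.byteLength(searchBody),
    },
  };

  // HTTPS POST request to Splunk that starts the RT search
  const searchRequestToSplunk = https.request(options, function onResponse(res) {
    // Surface rejected requests (bad credentials, malformed search) instead of
    // leaving them indistinguishable from an empty stream.
    if (res.statusCode !== 200) {
      console.error(`Splunk responded with HTTP ${res.statusCode}`);
    }

    // Decode as UTF-8 at the stream level so a multi-byte character split
    // across two chunks is not corrupted.
    res.setEncoding('utf8');

    // The stream of events should be received here. A real-time search never
    // finishes, so each chunk is logged on its own rather than appended to an
    // ever-growing buffer.
    res.on('data', (chunk) => {
      console.log(`Received: ${chunk}`);
    });
    res.on('end', () => {
      console.log(`Stream ended.`);
    });
    res.on('error', (err) => {
      console.error(err.message);
    });
  });

  // Attach the error handler before any data is written so no failure is
  // emitted without a listener.
  searchRequestToSplunk.on('error', (err) => {
    console.error(err.message);
  });

  // Send the POST request to the Splunk API
  searchRequestToSplunk.end(searchBody);
}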