Hi,
I'm new to Splunk and don't really know it well so I apologize in advance if this seems like a silly question. I'm using Splunk Python SDK to get the results of a search that should ideally be having plenty of results no matter what the time frame and I used to get results for a while until recently it started to return a string of size 0 bytes. I believe the jobs are getting created and the search goes through, but I still don't get results.
Can someone help me figure out where to look for answers, perhaps?
This is the code snippet:
service = client.connect(
host=HOST,
port=PORT,
username=USERNAME,
password=PASSWORD)
# Get the collection of search jobs
jobs = service.jobs
# Create a search job
job = jobs.create(QUERY)
# Wait for job to be ready
while not job.is_ready():
sleeper(.2, "Job not ready")
# Get the results and return them
rr = job.results(**PARAMS)
result = rr.read(None).decode('utf-8')
... View more