【问题标题】:Unable to get Splunk query SID无法获取 Splunk 查询 SID
【发布时间】:2019-01-28 12:14:03
【问题描述】:

下面是我的代码sn-p:

search='index="someindex" earliest=27/01/2019:0:0:0 latest=27/01/2018:23:59:00'

data = {'search': search, 'max_count':'10000000'}
response = requests.post('https://something:8089/services/search/jobs',
                         auth=('usr', 'pwd'), data=data, verify=False)
#print(response)                         
root = ET.fromstring(response.text)
#print(root)
for tag in root:
    job_id = tag.text
    print(job_id)
print(job_id)

我收到 400 响应,打印 job_id 时出错。

【问题讨论】:

    标签: python splunk splunk-query splunk-sdk


    【解决方案1】:

    如果您在索引上搜索,搜索字符串应以 search 关键字开头。

    修改搜索字符串:

    search='search index="someindex" earliest=27/01/2019:0:0:0 latest=27/01/2018:23:59:00'
    

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2011-03-29
      • 2014-12-27
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多