java - Splunk doesn't return all the results - using REST API
Problem description
I'm retrieving data from Splunk using the REST API via production port 8980. On the GUI I can see 770 events, but when I retrieve the data I get less than 100.
Here is my code in Java to retrieve data:
```java
public JSONObject Post_request() throws IOException, ParseException {
    String Query = "search " + OS_Vuln_Query;
    Job job = session.make_Request().getJobs().create(Query);
    while (!job.isDone()) {
        try {
            Thread.sleep(1000);
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
    }
    JobResultsArgs resultsArgs = new JobResultsArgs();
    resultsArgs.setOutputMode(JobResultsArgs.OutputMode.JSON);
    InputStream results = job.getResults(resultsArgs);
    BufferedReader br = new BufferedReader(new InputStreamReader(results));
    StringBuilder sb = new StringBuilder();
    String line;
    while ((line = br.readLine()) != null) {
        sb.append(line);
    }
    JSONParser parser = new JSONParser();
    JSONObject json = (JSONObject) parser.parse(sb.toString());
    String vulns_as_string = json.get("results").toString();
    JSONArray vulns_to_json = (JSONArray) parser.parse(vulns_as_string);
    if (vulns_to_json.size() > 0) {
        System.out.print("Splunk return results");
        for (int v = 0; v < vulns_to_json.size(); v++) {
            String vuln_as_string = vulns_to_json.get(v).toString();
            Vulnerability vulnerability = new Gson().fromJson(vuln_as_string, Vulnerability.class);
            data_Parsed = true;
            vulnerability.ports_to_List();
            list_of_OS_Vulnerability.add(vulnerability);
        }
        return json;
    }
    System.out.print("Splunk return empty results");
    return null;
}
```
I make the request to Splunk from a different class; it returns the service which I use to pass queries to Splunk.
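Solution
I found this out from the Splunk documentation. If the count is not set to 0, resultsArgs returns only the first 100 results. To solve the problem, just set setCount in resultsArgs to 0:
```java
resultsArgs.setCount(0); // to return all results
```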
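A complementary check, added here as an example and not part of the original answer: page through the results by offset and compare the number fetched with the job's reported total, so a truncated vulnerability feed raises an error instead of being silently accepted. `PageFetcher` and `fetchAll` are hypothetical names and the fetcher below is a constructed in-memory stand-in; with the Splunk Java SDK it would call `job.getResults(args)` after `args.setOffset(...)` and `args.setCount(...)`, with the expected total taken from `job.getResultCount()`.

```java
import java.util.ArrayList;
import java.util.List;

public class PagedResults {
    // Hypothetical abstraction over one results request. With the SDK (assumed wiring)
    // this wraps job.getResults(args) after args.setOffset(offset) and args.setCount(count).
    interface PageFetcher {
        List<String> fetch(int offset, int count);
    }

    // Reads page after page until `expected` rows are collected, then verifies the total.
    static List<String> fetchAll(PageFetcher fetcher, int expected, int pageSize) {
        List<String> all = new ArrayList<>();
        while (all.size() < expected) {
            List<String> page = fetcher.fetch(all.size(), pageSize);
            if (page.isEmpty()) {
                break; // nothing more to read; the size check below reports the shortfall
            }
            all.addAll(page);
        }
        if (all.size() != expected) {
            throw new IllegalStateException(
                "truncated: got " + all.size() + " of " + expected + " results");
        }
        return all;
    }

    public static void main(String[] args) {
        // Constructed sample data standing in for the 770 events from the question.
        List<String> events = new ArrayList<>();
        for (int i = 0; i < 770; i++) {
            events.add("vuln-" + i);
        }
        PageFetcher simulated = (offset, count) -> {
            int from = Math.min(offset, events.size());
            int to = Math.min(from + count, events.size());
            return new ArrayList<>(events.subList(from, to));
        };
        // A single request at the default size of 100 sees only part of the data.
        System.out.println("single request: " + simulated.fetch(0, 100).size());
        // Paging by offset reads every row and confirms the count matches.
        System.out.println("paged: " + fetchAll(simulated, events.size(), 100).size());
    }
}
```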