I am using this command to get the top 200 results on my_field in Splunk:

    q = "search index=idx host=nets* mydomain.com | top limit=200 my_field"

When I run it in Splunk, it gives me 200 results. However, when I run it using the Splunk Python SDK, I only get 100 results.

    import splunklib.client as client
    import splunklib.results as results

    service = client.connect(host=HOST, username=USER, password=PASS)
    # Restrict the search to the last hour
    extra_args = {"earliest_time": "-1h",
                  "latest_time": "now"}
    q = "search index=idx host=nets* mydomain.com | top limit=200 my_field"
    # Run the search as a blocking one-shot job and parse the result stream
    res = service.jobs.oneshot(q, **extra_args)
    reader = results.ResultsReader(res)
    top_jobs = []
    for row in reader:
        top_jobs.append(row['my_field'])
    print(len(top_jobs))  # always returns 100, or any number less than 100 that is specified in the query.

Is there another way to specify the number of results?