Which of the following statements describe oneshot searches? (Select all that apply.)
Which of the following statements describe oneshot searches? (Select all that apply.)
Oneshot searches can specify csv as an output format, allowing for immediate structured result retrieval. They stream all results upon search completion, meaning the search does not run in the background but completes in a single request, providing all results at once. This characteristic distinguishes them from other types of searches that may execute over an extended period or in a different manner.
It's BC. A - It's wrong because a oneshot search is a synchronous search as we get the results upon making the request without the need for complementary requests in order to get the results D - It's wrong becaus according to the domumentation auto_cancel refers to inactivity not to timeout (timeout is set by the timeout parameter).
BC is the way
Ans is BC B. Can specify csv as an output format. C. Stream all results upon search completion. Specifies the output format of the results (XML, JSON, JSON_COLS, JSON_ROWS, CSV, ATOM, or RAW). ref:- https://dev.splunk.com/enterprise/docs/devtools/java/sdk-java/howtousesdkjava/howtoworkjobjava/ For those searches that stream the results (oneshot and export), the search results are not retained on the server. If the stream is interrupted for any reason, the results are not recoverable without running the search again.