Splunk search not updating

The Search Assistant is like autocomplete, but so much more.

The Search Assistant also returns matching searches, which are based on the searches that you have recently run.

The store sells games and other related items, such as t-shirts.


In this section, you create searches that retrieve events from the index.

The data for this tutorial is for the Buttercup Games online store.

Searches with transforming commands also populate the Visualization tab.

The results area of the Visualizations tab includes a chart and the statistics table that is used to generate the chart.

Prerequisite: Complete the steps in "Upload the tutorial data" in Part 2.

The Search Assistant is a feature in the Search app that appears as you type your search criteria.

By default, the events appear as a list that is ordered starting with the most recent event.

In each event, the matching search terms are highlighted.

Macros and event types are convenient knowledge objects, but unless you know exactly what they do, they can obscure the way a given search works.

showsource=1" ("&showsource=1" if other parameters have already been appended) to the view URL in the browser address bar.

You will learn about transforming commands, and use the Statistics and Visualizations tabs, later in the tutorial.
