Chapter 2. Advanced Searching

In this chapter, we will demonstrate advanced searching topics and techniques, providing meaningful examples as we go along. The following topics will be covered:

Searching for operators, command formats, and tags
Subsearching
Searching with parameters
Efficient searching with macros
Search results

Searching in Splunk

It would be negligent for a book on mastering Splunk searching to not mention the dashboard of version 6.0.

The search dashboard

If you take a look at the Splunk search dashboard (and you should), you can break it down into four general areas. They are given as follows:

The search bar: The search bar is a long textbox into which you can enter your searches when you use Splunk Web.
Range picker: Using the (time) ...

Get Mastering Splunk now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Mastering Splunk by James Miller

Chapter 2. Advanced Searching

Searching in Splunk

The search dashboard

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly