
Splunk 7 Essentials - Third Edition by Betsy Page Sigman, Erickson Delgado, J-P Contreras


Filtering search results

Splunk is great for searching data. Using search commands, you can filter your results using key phrases just the way you would with a Google search. Here are some examples for you to try out:

SPL> index=main /booking/confirmation 

The preceding filters search results from the index main, and only returns those events with the string /booking/confirmation in the _raw data.

You can narrow the results further by adding another phrase. Note, however, that by default Splunk chains your phrases together with an implicit AND operator. For example:

SPL> index=main /booking 200 

The preceding line of code is equivalent to the following:

SPL> index=main /booking AND 200 

Similarly, ...
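The following Python sketch is an added example, not code from the book. It models the implicit AND over constructed access-log events and shows why a bare term such as 200 is a weak filter: it matches anywhere in the raw text, including a byte count. The matching rule is a simplified stand-in for Splunk's keyword search, and the function names and log layout are assumptions.

```python
import re

# Constructed sample events in a web access log style (not from the book).
EVENTS = [
    '10.0.0.5 - - [12/Mar/2018:10:01:22] "GET /booking/confirmation HTTP/1.1" 200 5120',
    '10.0.0.7 - - [12/Mar/2018:10:01:25] "GET /booking/reservation HTTP/1.1" 500 200',
    '10.0.0.9 - - [12/Mar/2018:10:01:31] "GET /destination/MIA HTTP/1.1" 200 873',
    '10.0.0.5 - - [12/Mar/2018:10:01:40] "POST /booking/payment HTTP/1.1" 404 2001',
]


def term_matches(term, raw):
    """Simplified model: the term must appear in the raw text, case-insensitively,
    and must not be glued to other letters or digits (so 200 does not hit 2001)."""
    pattern = r'(?<![A-Za-z0-9])' + re.escape(term) + r'(?![A-Za-z0-9])'
    return re.search(pattern, raw, re.IGNORECASE) is not None


def keyword_search(events, *terms):
    """Bare phrases are chained with an implicit AND: every term must match."""
    return [e for e in events if all(term_matches(t, e) for t in terms)]


def status_of(raw):
    """Extract the HTTP status: the 3-digit number right after the quoted request."""
    m = re.search(r'" (\d{3}) ', raw)
    return m.group(1) if m else None


def status_search(events, path_term, status):
    """Field-aware variant: keyword match on the path, exact match on the status."""
    return [e for e in keyword_search(events, path_term) if status_of(e) == status]


if __name__ == "__main__":
    print("keyword: /booking 200")
    for e in keyword_search(EVENTS, "/booking", "200"):
        print("  ", e)  # includes the 500 response whose byte count is 200
    print("field-aware: /booking with status 200")
    for e in status_search(EVENTS, "/booking", "200"):
        print("  ", e)
```

In SPL, the field-aware form is a field comparison such as status=200 in place of the bare 200, assuming the sourcetype extracts a field named status.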
