From the course: Splunk Core Certified User (SPLK-1001) Cert Prep
Join today to access over 25,300 courses taught by industry experts.
Use search assistant - Splunk Tutorial
From the course: Splunk Core Certified User (SPLK-1001) Cert Prep
Use search assistant
So the search assistant is a tool that helps you to write searches in Splunk. So it helps to provide selections that you can use to complete search strings. So maybe you might need some kind of help, you know, locating terms that you've used in your search before, or maybe looking for, you know, queries that you ran in Splunk before that you wanted to reuse them, or maybe information about different commands that you can use. For commands, for example, you might want to go to the search manual online and start looking. But then the search assistant gives you that option where you can actually just have information about commands and then read at this port, which can help you to enhance your search. Now, let's look at some of the ways in which the search assistant helps you in order to write searches in Splunk. The first one here is that it can provide matching terms in index data. So we just saw how we can search with quoted phrases and keywords. If I start typing a keyword like use…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
(Locked)
Module overview1m 41s
-
(Locked)
Overview of search and reporting app2m 56s
-
(Locked)
Search with keywords and phrases12m 27s
-
(Locked)
Use wildcards7m 56s
-
(Locked)
Use boolean operators10m 42s
-
(Locked)
Use search assistant18m 10s
-
(Locked)
Identify contents of search results11m 40s
-
(Locked)
Setting search time range23m 9s
-
(Locked)
Events timeline14m 30s
-
(Locked)
Manage search jobs21m 13s
-
(Locked)
View search history4m 34s
-
(Locked)
-
-
-
-
-
-