Implementing Splunk 7 (Third Edition)

Search

Okay, we've finally made it to search. This is where the real power of Splunk lies.

For our first search, we will search for the word error (the match is not case-sensitive). Click in the search bar, type the word error, and then either press Enter or click on the magnifying glass to the right of the bar.

Upon initiating the search, we are taken to the search results page (which hasn't really changed in version 7.0).

Note that the search we just executed was across All time (by default); to change the search time, you can utilize the Splunk time picker.

Because the data is randomly generated, not all queries will work as expected, and you may have to modify them accordingly.

You can find the steps to upload the datasets in the previous Data generator section.

Refer to the Using the time picker section for details on changing the time frame of your search.