Solved: Load Saved Results via CLI

clincg · ‎09-09-2010

Does anyone know how to load saved results from a previous search via CLI command? The documentation suggests that we can run saved search via CLI command, but there is no mention of loading saved results from a previous search via CLI.

The reason I asked is that we often run search over a large set of data that will take a long time to run (over a few hours), after the search, we would like to save the search result and export the large result set over CLI commands later. Currently the UI limits the export to 10,000 rows.

Thanks!

ftk · ‎09-09-2010

Take a look at the loadjob command. You can load the results set of a previously executed job if you know either the job's ID or the name of the saved search run. This should work just fine from the CLI.

View solution in original post

ftk · ‎09-09-2010

Take a look at the loadjob command. You can load the results set of a previously executed job if you know either the job's ID or the name of the saved search run. This should work just fine from the CLI.

Load Saved Results via CLI

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!