Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How can I save results of search to dashboard every 24 hours?

zhatsispgx
Path Finder
‎02-06-2018 01:30 PM

I have a very slow search that I would like to schedule and save the results in a dashboard so the search doesn't have to rerun. The search is extremely slow because it uses transaction across hundreds of thousands of log events.

What I would like to have is a search that runs once every 24 hours, saves the results from the job to a dashboard. 

sourcetype="cisco:esa:textmail"
| transaction mid
| search reason="content filter:Auto_Notify"
| table mid, sender, recipient, file_name, attachment_type, subject, quarantine_dest, vendor_action, reason
0 Karma
Reply

micahkemp
Champion
‎02-06-2018 01:35 PM

This seems like a prime case for summary indexing. Run this search every so often, save the results to a summary index, use the summary index on your dashboard.

0 Karma
Reply
Get Updates on the Splunk Community!

Feel the Splunk Love: Real Stories from Real Customers

Hello Splunk Community,    What’s the best part of hearing how our customers use Splunk? Easy: the positive ...

Data Management Digest – November 2025

  Welcome to the inaugural edition of Data Management Digest! As your trusted partner in data innovation, the ...

Splunk Mobile: Your Brand-New Home Screen

Meet Your New Mobile Hub  Hello Splunk Community!  Staying connected to your data—no matter where you are—is ...