Knowledge Management
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to specify a value in one place and use it in several searches?

plucas_splunk
Splunk Employee
Splunk Employee
‎11-25-2016 11:24 AM

I have several saved searches that contain where vehicle_distance<=100. I want to make the value of 100 tunable in one place rather than having to edit all the searches.

I've discovered that I can set-up a macro, say, nbmaxdist that contains the above definition, then use it in a search like | nbmaxdist | (enclosed in backticks that I can't easily show here because a backtick is a Markdown special character).

This works, but is this the prescribed way to do this?

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

woodcock
Esteemed Legend
‎11-25-2016 01:19 PM

Macro is the best way.

View solution in original post

Reply
Solved! Jump to solution
Solution

woodcock
Esteemed Legend
‎11-25-2016 01:19 PM

Macro is the best way.

Reply
Solved! Jump to solution

dbcase
Motivator
‎11-25-2016 12:00 PM

You can also set a global variable in a dashboard like this

<init>
    <set token="mso_index">main</set>
    <set token="mso_host">beta*</set>
  </init>
0 Karma
Reply
Solved! Jump to solution

sundareshr
Legend
‎11-25-2016 11:55 AM

That would be a good way to set a "global variable"

0 Karma
Reply
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...