Solved: How to search for "Roberto Carlos" in text-only fi...

wajihullahbaig · ‎03-22-2012

I have just indexed a few plain text files using Splunk Web gui. Now I am trying to retrieve some results using the Java SDK. I am not sure of the search queries. What would be my search query if I want to search all the files for "Roberto Carlos" and if I need to get the top 10 results?

Guidance much appreciated as I am new to splunk.

cvajs · ‎03-22-2012

not knowing what your indexes or terms are called,
index=text_files " Roberto Carlos " | top filename limit=10

View solution in original post

cvajs · ‎03-22-2012

not knowing what your indexes or terms are called,
index=text_files " Roberto Carlos " | top filename limit=10

wajihullahbaig · ‎03-22-2012

Yes...I was just looking at the XML the search returned. Therefore it is now much easier to understand. Thanks.

cvajs · ‎03-22-2012

you can see extracted fields from a general search on the left side, it will show you the fields which you can then use to act on in a search, eg "filename", etc.

wajihullahbaig · ‎03-22-2012

Much appreciated. Thanks

How to search for "Roberto Carlos" in text-only files ?

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

.conf24 | Personalize your .conf experience with Learning Paths!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...