Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Is it possible to run a map function in parallel?

robertlynch2020
Influencer
‎02-11-2022 02:50 AM

Hi

I have the below code, however, as I grow the number of lines I am giving the MAP is it getting very slow.

Is there any way to run the map in parallel?

 

| map maxsearches=21 search="| savedsearch "$ALERT$" host_token=PDT SERVICE_EARLIEST_TIME=1643954400 time_token.earliest=1644213600 time_token.latest=1644268200  Threshold=$Threshold$ | appendcols [ | makeresults | eval Order="$Order$",Threshold=$Threshold$ | fillnull count ] | table ALERT count Order Threshold "

 

Thanks in advance

Rob

Labels (1)
Labels
Tags (1)
0 Karma
Reply

pmunaret
Explorer
‎06-13-2022 04:13 PM

Hey,

did you find a solution?

Best regards

0 Karma
Reply

robertlynch2020
Influencer
‎06-14-2022 01:58 AM

Hi

No sorry, i did not.

 

Rob

0 Karma
Reply
Get Updates on the Splunk Community!

Update Your SOAR Apps for Python 3.13: What Community Developers Need to Know

To Community SOAR App Developers - we're reaching out with an important update regarding Python 3.9's ...

October Community Champions: A Shoutout to Our Contributors!

As October comes to a close, we want to take a moment to celebrate the people who make the Splunk Community ...

Automatic Discovery Part 2: Setup and Best Practices

In Part 1 of this series, we covered what Automatic Discovery is and why it’s critical for observability at ...