Any intellisense enhancements / plug-ins?

mwagstaff · ‎12-15-2011

Hi all - are there any intellisense plug-ins that enhance the existing Splunk search bar? A few examples of enhancements that I think would be really helpful:

If I start typing the name of a macro that isn't in my search history, it would be great to have it appear in the dropdown with syntax description, search details, etc.
Auto completion of field names would be cool, with perhaps the top 10 values appearing in the dropdown to give a preview of what data is contained within said field
Tag name auto completion
More detailed and expanded examples of usage and syntax for search keywords, with links to the appropriate help page on the Splunk site

MHibbin · ‎12-15-2011

I think for the first three points of yours they would be enhancement requests.

However, for your last point, are you aware of the documentation on the search commands

http://docs.splunk.com/Documentation/Splunk/4.2.3/SearchReference/WhatsInThisManual

This should contain all you need, also when you do start to type the command in the search bar there will be a drop-down that appears and informs you of the usage and some examples, also there will be a link, "help", which links to the relevant page in the documentation above.

Regards,

Matt

Any intellisense enhancements / plug-ins?

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?