Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do I increase the limit on events returned when using cli search?

SK110176
Path Finder
‎03-12-2010 08:04 PM

When running a splunk search from the cli, the maximum number of events returned is 100. How do I increase this limit?

Tags (3)
Reply
3 Solutions
Solved! Jump to solution
Solution

V_at_Splunk
Splunk Employee
Splunk Employee
‎03-12-2010 08:45 PM

-maxout 999 (or your preferred number)

View solution in original post

Reply
Solved! Jump to solution
Solution

Marcin
Explorer
‎03-12-2010 08:45 PM

I think what you are looking for is "-maxout NUM", which changes the limit of returned results from 100 to NUM.

View solution in original post

Reply
Solved! Jump to solution
Solution

Stephen_Sorkin
Splunk Employee
Splunk Employee
‎05-28-2010 02:50 PM

New in 4.1, you can set -maxout 0, which means "unlimited." This is useful for streaming data to another processing system or to a file.

View solution in original post

Reply
Solved! Jump to solution
Solution

Stephen_Sorkin
Splunk Employee
Splunk Employee
‎05-28-2010 02:50 PM

New in 4.1, you can set -maxout 0, which means "unlimited." This is useful for streaming data to another processing system or to a file.

Reply
Solved! Jump to solution

kevintelford
Path Finder
‎01-21-2011 03:43 PM

Awesome!

:)

0 Karma
Reply
Solved! Jump to solution

Stephen_Sorkin
Splunk Employee
Splunk Employee
‎01-20-2011 10:06 PM

csv is unlimited in 4.2. table remains limited.

0 Karma
Reply
Solved! Jump to solution

kevintelford
Path Finder
‎01-20-2011 04:42 PM

As of 4.1.5 using -maxout 0 will yield unlimited results if your -ouput flag is set to 'raw' or 'rawdata', if it is set to 'csv' or 'table' it will be limited to 50k (plus one line for the header).

0 Karma
Reply
Solved! Jump to solution
Solution

Marcin
Explorer
‎03-12-2010 08:45 PM

I think what you are looking for is "-maxout NUM", which changes the limit of returned results from 100 to NUM.

Reply
Solved! Jump to solution
Solution

V_at_Splunk
Splunk Employee
Splunk Employee
‎03-12-2010 08:45 PM

-maxout 999 (or your preferred number)

Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...