Solved: Re: How to return more than 10 columns in a table ...

thomas_forbes · ‎08-27-2015

I have a search that searches for Windows Security Event IDs and displays the results in a table format. The maximum number of columns seems to be only 10, but in reality I am returning 15 to 20 columns (Event IDs) depending on what type of search I am running. I would like to increase the number of columns I can display to match the number of Event IDs that are returned from my original search.

somesoni2 · ‎08-27-2015

If you're using chart OR timechart to display your data in table, try to include "limit=0" with chart/timechart. Something like this

your base search | timechart count by sourcetype limit=0

View solution in original post

somesoni2 · ‎08-27-2015

If you're using chart OR timechart to display your data in table, try to include "limit=0" with chart/timechart. Something like this

your base search | timechart count by sourcetype limit=0

thomas_forbes · ‎08-27-2015

Hey somesoni2, that worked like a charm. I thought it was something simple. Thanks again for the help.

Tom

thomas_forbes · ‎08-27-2015

Hey somesoni2, that worked like a charm. I thought it was something simple. Thanks again for the help.

Tom

How to return more than 10 columns in a table search result?

See your relevant APM services, dashboards, and alerts in one place with the updated ...

Index This | What goes away as soon as you talk about it?

What's New in Splunk Observability Cloud and Splunk AppDynamics - May 2025

Are you a member of the Splunk Community?

How to return more than 10 columns in a table search result?

See your relevant APM services, dashboards, and alerts in one place with the updated ...

Index This | What goes away as soon as you talk about it?

What's New in Splunk Observability Cloud and Splunk AppDynamics - May 2025