Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to use the "Pattern" tab in Splunk?

pgadhari
Builder
‎09-01-2016 11:38 AM

Hi All,

I want to do text analytics in my data and I am thinking of using the "Pattern" tab for that. Actually, I have a "Description" field for my ticket data, and want to know what are the most common "text" or "Patterns" in that field. Somehow I cannot share the data here. so when I write the search:

index=*** source=**** Description=* and run the Pattern tab, it shows only patterns for sample 1000 events, but I want to show for all of my 25000 records. How can I change the sample events to "25000".

Also, I saw that cluster command can be used for grouping the events with common pattern. Please help me in whether I should be using Pattern tab or Cluster command.

Regards
PG

0 Karma
Reply

s2_splunk
Splunk Employee
Splunk Employee
‎09-01-2016 11:55 AM

The pattern tab runs searches using the cluster command under the covers and applies some UI post processing to the results. I would recommend you review the documentation for the cluster command here and determine which command options meet your needs best.

Reply

pgadhari
Builder
‎09-01-2016 11:44 AM

This is quite urgent please...

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

This is the second post in our Splunk Observability Cloud’s AI Assistant in Action series, in which we look at ...

Elevate Your Organization with Splunk’s Next Platform Evolution

 Thursday, July 10, 2025  |  11AM PDT / 2PM EDT Whether you're managing complex deployments or looking to ...

Splunk Answers Content Calendar, June Edition

Get ready for this week’s post dedicated to Splunk Dashboards! We're celebrating the power of community by ...
Top