New search button is really slow

sixcorners · ‎08-23-2019

When I click new search in the context menu it opens a new tab with a search with the single field I click on.
The new search looks something like this:
*| spath severity | search severity=DEBUG
This is super slow. Is there a way to make this faster?

richgalloway · ‎08-23-2019

Where is this context menu?
Is * really the first part of the search?

---
If this reply helps you, Karma would be appreciated.

sixcorners · ‎10-26-2021

This is the context menu. It appears when clicking on absolutely any value when using splunk to search logs. The queries it produces are really slow.

sixcorners · ‎08-27-2019

yes * is really the first part of the search
Is this not a search option that everyone has?

sixcorners · ‎08-23-2019

The context menu appears when I'm on the search results page. If I click on one of the event's values like ERROR in severity: ERROR then the context menu appears and gives three options. "Add to search", "Exclude from search", and "New search" with little icons that will open it in a new tab.
I guess it's under itsi. Here is the URL path:
/en-US/app/itsi/search

New search button is really slow

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

Are you a member of the Splunk Community?

New search button is really slow

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?