Re: New search button is really slow

sixcorners · ‎08-23-2019

When I click new search in the context menu it opens a new tab with a search with the single field I click on.
The new search looks something like this:
*| spath severity | search severity=DEBUG
This is super slow. Is there a way to make this faster?

richgalloway · ‎08-23-2019

Where is this context menu?
Is * really the first part of the search?

---
If this reply helps you, Karma would be appreciated.

sixcorners · ‎10-26-2021

This is the context menu. It appears when clicking on absolutely any value when using splunk to search logs. The queries it produces are really slow.

sixcorners · ‎08-27-2019

yes * is really the first part of the search
Is this not a search option that everyone has?

sixcorners · ‎08-23-2019

The context menu appears when I'm on the search results page. If I click on one of the event's values like ERROR in severity: ERROR then the context menu appears and gives three options. "Add to search", "Exclude from search", and "New search" with little icons that will open it in a new tab.
I guess it's under itsi. Here is the URL path:
/en-US/app/itsi/search

New search button is really slow

Accelerating Observability as Code with the Splunk AI Assistant

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

Congratulations to the 2025-2026 SplunkTrust!

Join the Conversation

New search button is really slow

Accelerating Observability as Code with the Splunk AI Assistant

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

Congratulations to the 2025-2026 SplunkTrust!