Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Where to store a variable value

RVDowning
Contributor
‎10-02-2013 12:51 PM

I want to search for all records where some field value is greater than X where X is some number. A number of searches reference this same value of X. Where can I store that value of X so that I don't have to change all searches that are referencing it when I need to change X to some different value? Namely, I don't want to have to hard code that value.

Tags (1)
0 Karma
Reply

pradeepkumarg
Influencer
‎10-02-2013 01:11 PM

You can create a macro here Manager » Advanced search » Search macros

Name of the macro - x

Definition of the macro - the value of x (Eg: 5)

In your search 

sourcetype=some_sourcetype  fieldname > `x`

0 Karma
Reply

pradeepkumarg
Influencer
‎10-02-2013 07:08 PM

Sure. You can mark it as answered if that solved your problem 🙂

0 Karma
Reply

RVDowning
Contributor
‎10-02-2013 01:19 PM

Ah, thank you much!

0 Karma
Reply
Get Updates on the Splunk Community!

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

New Release | Splunk Cloud Platform 10.1.2507

Hello Splunk Community!We are thrilled to announce the General Availability of Splunk Cloud Platform 10.1.2507 ...

🌟 From Audit Chaos to Clarity: Welcoming Audit Trail v2

🗣 You Spoke, We Listened  Audit Trail v2 wasn’t written in isolation—it was shaped by your voices.  In ...