Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

how to clone a search window

elenzil
Path Finder
‎05-03-2012 03:54 PM

say i've got an interesting search going; it's yielding some pretty good values, but i think i might want to tweak it.

what i'd really like to do is just clone the whole splunk window, and modify the clone.

what i actually have done is written a little bash script to convert a search line into a URL - i copy my search term into the system clipboard, pipe it through my bash script, then paste the results into the URL bar in a new browser window.

it would be awesome if splunk had a button to do this for me, preserving the timerange from the original window.

Reply
1 Solution
Solved! Jump to solution
Solution

Drainy
Champion
‎05-04-2012 01:08 AM

I can see the benefits of that, although in Chrome you can already right click and duplicate a tab. Though this won't preserve any results that Splunk might have already fetched it will preserve the search and time range.

Also you could always create it as a saved search and run that from the search window and just modify/clone it via the saved searches screen.

View solution in original post

Reply
Solved! Jump to solution
Solution

Drainy
Champion
‎05-04-2012 01:08 AM

I can see the benefits of that, although in Chrome you can already right click and duplicate a tab. Though this won't preserve any results that Splunk might have already fetched it will preserve the search and time range.

Also you could always create it as a saved search and run that from the search window and just modify/clone it via the saved searches screen.

Reply
Solved! Jump to solution

elenzil
Path Finder
‎05-07-2012 10:27 AM

thanks Drainy!

oh interesting - w/ splunk 4.3 it looks like the URL keeps up-to-date with the search you're working on, so just copying the URL is sufficient. that's great. previously that wasn't the case.

saving a search and editing it technically works, but practically has a couple issues: 1) it takes a lot of time to do. 2) it pollutes your saved-search space.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Platform | Upgrading your Splunk Deployment to Python 3.9

Splunk initially announced the removal of Python 2 during the release of Splunk Enterprise 8.0.0, aiming to ...

From Product Design to User Insights: Boosting App Developer Identity on Splunkbase

co-authored by Yiyun Zhu & Dan Hosaka Engaging with the Community at .conf24 At .conf24, we revitalized the ...

Detect and Resolve Issues in a Kubernetes Environment

We’ve gone through common problems one can encounter in a Kubernetes environment, their impacts, and the ...