Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

outputlookup is limited to 10,000 results

jambajuice
Communicator
‎01-12-2011 03:50 AM

I need to create an outputlookup file with more than 10,000 results. I've looked through the limits.conf examples and I can't find a way to increase the number of results beyond 10K.

Is this possible?

Craig

Tags (1)
Reply

rfiscus
Path Finder
‎02-09-2016 08:22 AM

Yup, sort was killing it for me. Thanks!

Reply

steveyz
Splunk Employee
Splunk Employee
‎01-12-2011 04:27 AM

What is the full search? outputlookup itself does not have any results limits, and a limit of 10k would mostly be due to a sort command you may be using. (sort implicitly truncates to the first 10k output rows unless you specify limit=0 as an argument to it)

Reply

rdownie
Communicator
‎09-03-2014 04:22 AM

sort limit=0 worked for me.
Thanks.

0 Karma
Reply

steveyz
Splunk Employee
Splunk Employee
‎01-13-2011 05:06 AM

try using fields instead of table

0 Karma
Reply

jambajuice
Communicator
‎01-12-2011 06:08 AM

The search is:

sourcetype="nessus_plugins" | table nessus_id,cve_id,osvdb_id | outputlookup osvdb_cvs_lookup.csv

If I remove the outputlookup part of the search, it still maxes out at 100000 events.

0 Karma
Reply
Get Updates on the Splunk Community!

Fall Into Learning with New Splunk Education Courses

Every month, Splunk Education releases new courses to help you branch out, strengthen your data science roots, ...

Super Optimize your Splunk Stats Searches: Unlocking the Power of tstats, TERM, and ...

By Martin Hettervik, Senior Consultant and Team Leader at Accelerate at Iver, Splunk MVPThe stats command is ...

How Splunk Observability Cloud Prevented a Major Payment Crisis in Minutes

Your bank's payment processing system is humming along during a busy afternoon, handling millions in hourly ...