I'm writing a Splunk app, and want to make the default search mode fast (instead of smart), since I'm building a complex query that extracts the parameters of interest myself. I couldn't find how to set the search mode to 'fast' through the template or through JavaScript. Ideally I would be able to set it per search manager. Here's an example query I'm generating to Splunk 6.0: a_t AND host="jcoker-mac.local" AND rootReq | stats values(a_func), values(a_pfuncs), count, sum(a_t), sum(a_self_cpu), sum(a_self_io), avg(a_t), avg(a_self), avg(a_cpu), avg(a_self_cpu), avg(a_io), avg(a_self_io), avg(a_sql), avg(a_self_sql), avg(a_kv), avg(a_self_kv) by t_type, t_action, a_st | sort -sum(a_t), -sum(a_self), -count | rename t_type AS "Type", t_action AS "Action", a_st AS "Status", values(a_func) AS "Function", values(a_pfuncs) AS "Parent Functions", count AS "Calls", sum(a_t) AS "Σ T. time", sum(a_self_cpu) AS "Σ S. CPU", sum(a_self_io) AS "Σ S. I/O", avg(a_t) AS "μ T. time", avg(a_self) AS "μ S. time", avg(a_cpu) AS "μ T. CPU", avg(a_self_cpu) AS "μ S. CPU", avg(a_io) AS "μ T. I/O", avg(a_self_io) AS "μ S. I/O", avg(a_sql) AS "μ T. SQL", avg(a_self_sql) AS "μ S. SQL", avg(a_kv) AS "μ T. K/V", avg(a_self_kv) AS "μ S. K/V" So, I'm explicitly fetching individual fields, and I don't care about any other fields (nor do I care about extra metadata since that isn't going anywhere). ... View more