Solved: How to search for "Roberto Carlos" in text-only fi...

wajihullahbaig · ‎03-22-2012

I have just indexed a few plain text files using Splunk Web gui. Now I am trying to retrieve some results using the Java SDK. I am not sure of the search queries. What would be my search query if I want to search all the files for "Roberto Carlos" and if I need to get the top 10 results?

Guidance much appreciated as I am new to splunk.

cvajs · ‎03-22-2012

not knowing what your indexes or terms are called,
index=text_files " Roberto Carlos " | top filename limit=10

View solution in original post

cvajs · ‎03-22-2012

not knowing what your indexes or terms are called,
index=text_files " Roberto Carlos " | top filename limit=10

wajihullahbaig · ‎03-22-2012

Yes...I was just looking at the XML the search returned. Therefore it is now much easier to understand. Thanks.

cvajs · ‎03-22-2012

you can see extracted fields from a general search on the left side, it will show you the fields which you can then use to act on in a search, eg "filename", etc.

wajihullahbaig · ‎03-22-2012

Much appreciated. Thanks

How to search for "Roberto Carlos" in text-only files ?

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Ready, Set, SOAR: How Utility Apps Can Up Level Your Playbooks!

DevSecOps: Why You Should Care and How To Get Started