Search history is another useful feature introduced in Splunk 6.3 which can be used to view and interact with history of the search command. This feature can be used to get the complete list of search queries executed on Splunk over time.
The search history feature can be accessed via the Splunk Web console by clicking on "Search & Reporting" App | Search. It takes the user to the search summary dashboard with the option to run search queries.
The following image shows the search summary dashboard from where the search history can be accessed:
The Search History option enables the following information on the screen:
- The exhaustive list of
searchqueries run on the Splunk instance along with the time of the last run - The Action option to directly copy the respective
searchquery in the Search bar so as to run thesearchquery right away - The Filter option to choose the list of queries shown on the basis of time defined in the time range picker or some specific word/string which can be configured in the text box
The following is a sample example screen of search history depicting all the preceding information:
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.