Splunk search not updating this page
If you use multiple keywords, you must specify Boolean operators such as AND, OR, and NOT. The type of search commands that you use determines which tab the search results appear on.
The AND operator is implied when you type in multiple keywords. When evaluating Boolean expressions, precedence is given to terms inside parentheses. In the early parts of this tutorial, you will work with the Events tab.
The store sells games and other related items, such as t-shirts.
In this tutorial, you will primarily search the Apache web access logs, and correlate the access logs with the vendor sales logs.
In each event, the matching search terms are highlighted. In this section, you create searches that retrieve events from the index. The data for this tutorial is for the Buttercup Games online store. The Patterns tab displays a list of the most common patterns among the set of events returned by your search.
Each of these patterns represents events that share a similar structure. The timeline highlights patterns of events, or peaks and lows in event activity.