Online Safety Community

What Are The Search Commands In Splunk?

The Splunk Commands are one of the programming commands which makes your search processing simple with the subset of language by the Splunk Enterprise commands. These commands are used to transform the values of the specified cell into numeric values. The following are the listed Splunk Search commands that are sorted according to the various categories.


These are one of the commands which can be used for the purpose of building the correlation searches
Append: It is described as one of the Appends which shows the sub-search results to present results.
Appendcols: This command shows all the fields of sub-search results to the present results like first to first and last to last soon.
Appendpipe: This command is completely used to generate the results in sub-search, which is applied to the current result that set to the previous one.
Rules: This command will easily find all the association rules in between the field values.
Associate: This command is used to identify the correlations in between fields.
Contingency, Constable, stable: This command helps to build a contingency table for a particular two fields.
Correlate: This is the top correlation command which can easily calculate the relation between the different fields.
Diff: This command shows the complete outputs in between two search results.
Join: This command will help to combines all the results from main pipeline results through sub-search.
Lookup: It can be used to explicit all invokes in the field value lookups.
Self-join: This command shows the join results with itself without depending on other commands.
Set: It is used to perform the multiple sets of operation like intersect, union and diff especially on the sub-searches.
Stats: This command is used to complete all the statistics that are grouped optionally by the fields.
Transaction: By using this command all the groups of the search results into the group of transactions.

Data and indexes

Data and Indexes are one of the categories in the Splunk search commands which are used to learn all the data that can be added, deleted or manage the data from the resources that are placed in the summary indexes.

View and manage Data:

All the view and manage data commands will help to return the relevant information regarding the data that contains in your indexes. The data present in the indexes cannot be modified easily. The following are some of the commands which are used to delete and add the specific data from your indexes.

Audit: This data command will helpful to throwback all the basic information that can be stored in the local audit index.
Data model: This command is used to provide all the relevant information regarding the data model object or data model.
Dbinspect: It is used to return all the specific information particularly about the specific index.
Event count: This command is used to connect with the number of events in the index.
Metadata: This command is used to return all the sources list, types of sources as well as the hosts in the specified index.
Typeahead: This command is helpful to return all the typeahead information in the specified prefix.
Delete: This command is used to delete all the specific events or search results to delete from the index.
Input: This delete in Splunk search commands will help to add or disable sources in the indexes

Managing the summary indexes:

These commands in the Splunk search commands are helpful to create and manage all the summary indexes.
Collect, stash: This command is used to provide all the search results into a summary index.
Overlap: It is used to find all the events in the summary index that you have missed.
Sichart: This command is used to calculate the summary index of the chart.
Sirare: It can be helpful to conclude the summary indexing version of rare.
Stats: This command will be helpful to summarize the stats version.

Modify fields and field values:

This type of commands will help to modify all the fields and the value.
Convert: It helps to convert all the numerical values in the field.
Filldown: This command is used to replace all the null values with the last non-null values.
Fillnull: It is used to change all the null values with a particular value.
Makemv: If you want to change the specified field in the index then uses this command while researching.
Nomv: This command is used to change the particular multivalve field to single value field during the search.
Rename: This is helpful to rename the specified value by using the wildcards in the specific multiple fields.

Geographic and location:

This Splunk geographical command is used to search all the results
Geom: This command is used to add the field to every event that contains geographic structures in the map visually. But this command requires the external loops to get installed.
Geomfilter: This command will accept the specific bounding box in the maps which point the respective filtered out.
Geostats: It helps to generate all the statistics that are clustered into geographical bins which particularly rendered on the whole world map.?


The metrics in Splunk search commands will completely work with all the metrics data without any hassle.
Mcollect: This command is used to translate all the events in the form of metric data points and can be successfully inserted into the data points of the search head.
Even collect: It is used to convert the stats of events into metric points by inserting them into the metric index.
Mstats: It helps to calculate all the visualization of the date through metric names dimension fields in the respective indexes.

Prediction and trending:

The prediction and trending commands of Splunk are helping to detect all the values that create great visualizations.
Predict: This command is used to enable all algorithm series that predict the values of fields.
Trendline: It is used to calculate and compute all the averages in the fields
X11: This command completely enables the trend with respect to your data by deleting all the seasonal patterns.


Time is one of the categories in the Splunk search commands which is used to search on the basis of time ranges which can add more information to your programs.
Gentimes: This command is used to return all the respective results by matching the time range.
Localize: It is used to return all the list of the time ranges among the time ranges along with the search results.
Reltime:  This command is used to differentiate the difference between the human-readable times to the which adds more value to the fields in the search results.

Views: 61


You need to be a member of Online Safety Community to add comments!

Join Online Safety Community

Take our poll!

Take our poll!

Latest Activity

Mark Nilson posted events
Roger Steven posted events
Training Doyens posted events
Adam Fleming posted a blog post

INFRARED SPECTROSCOPY Is Crucial to Your Business. Learn Why!

Near-Infrared Spectroscopy, NIR or NIRS, is considered a superior method assay to traditional ones, which are destructive and also reduce the number of doses for sale. It overcomes these drawbacks by being both rapid and nondestructive, which helps it respond to the pressures in the pharma industry for generating more and more data, which leads to more assays that bring these inevitable downsides.In being responsive to the physical and chemical environment of…See More


Workplace safety for workers other than your own 1 Reply

Do your workplace/traffic safety plans include safety measures for workers who are not your own employees? Do they take into account the safety of those who will be - or could be - at your workplace,…Continue

Tags: emt, paramedics, emergency, occupational, health

Started by John Petropoulos Memorial Fund. Last reply by Jen McDade on Thursday.

What % of Dollars should be bugeted for All Safety Training for a "Heavy Equipment Road Construction" company with 100 employees? 1 Reply

I have been at a Highway and Road Construction company for six months. I am developing a (first) complete training program. I am the 1st full time safety hire for this company. I need to develop a…Continue

Started by JTurpening. Last reply by Jen McDade on Tuesday.

Technology and Safety 1 Reply

What are the most useful tools to have at your fingertips? -Toolbox Talks-JSA-JHA-Daily Reports, etc. What is falling through the cracks that could be an easy fix? Safety Managers, Coordinators and…Continue

Tags: safety

Started by Drew stone. Last reply by Jen McDade Feb 15.

Important of Warning sign 1 Reply

Warning sign is a type of traffic sign that guide a hazard ahead on the road. Having proper warning sign on the road provide a healthy environment.Continue

Tags: Signs, Workplace, Safety, Sign, Warning

Started by healthandsafetysigns. Last reply by Jen McDade Jan 14.

Workers paticipation in safety management 2 Replies

Workers paticipation in safety management is the aspect which is required to be implemented in the OHSAS 18001 2007 version. , I invite our experience community members to share their views on the…Continue

Tags: management, safety, in, paticipation, Workers

Started by SafetyRaja. Last reply by Tara safe Dec 27, 2018.



© 2019   Created by Safety Community.   Powered by

Badges  |  Report an Issue  |  Terms of Service