About Search
This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Contents
About Search
The search scrum implements new, and improves existing searching capabilities.
Developers involved
During the course of Preview's development, the developers working on these features will be blogging about their work. Check the following blog for tips, tricks, and additional information:
New features
Search improvements
There are changes to how SplunkWeb and the search language work. See what's new Splunk:preview:SearchImprovements:latest.
Enhanced strptime() format recognition
Splunk's strptime() parser now handles more granular time specifications. Learn more Splunk:preview:EnhancedStrptimeFormatSupport:latest.
Live Tail
Live Tail lets you monitor a stream of data as it is being indexed in Splunk. It has similar functionality to tail -f in a Unix shell, and allows you to stream events from a simple keyword search to a browser window.
Learn more about Splunk:preview:LiveTail:latest.
New commands
Check out some of the powerful Splunk:preview:NewSearchCommands:latest that have been added. Also, see changes made to existing commands.
Writing search commands
To make handling data structures simpler when writing search commands, the input format has been standardized to be an Excel-flavored CSV format (Excel with headers).
This documentation applies to the following versions of Splunk: 3.2 View the Article History for its revisions.