.conf2014 Highlight Series: Lesser Known Commands in Splunk Search Processing Language (SPL)


.conf2015 registration is open!

As we get closer to .conf2015: The 6th Annual Splunk Worldwide Users’ Conference in Las Vegas this September, we’re excited to continue our series of .conf2014 retrospectives. This week we revisit Kyle Smith’s presentation covering less popular but powerful commands in Splunk Search Processing Language (SPL).

Skill Level:
Good for All Skill Levels

Solution Area:
Search Language

Splunk Enterprise

Presentation Overview:
From one of the most active contributors to Splunk Answers and the IRC channel, this session covers those less popular but still super powerful commands, such as “map”, “xyseries”, “contingency” and others. This session also showcases tricks such as “eval host_{host} = Value” to dynamically create fields based on other field values, and searches that show concurrency based on start/end times within an event (using gentimes).

For the full recoding, check out Using Lesser Known Commands in Splunk Search Processing Language (SPL).

(This presentation also has one of my favorite disclaimers – slide 2 – with the Most Interesting Man in the World).


Richard Brewer-Hay
Posted by Richard Brewer-Hay

Richard Brewer-Hay (RBH) has 20 years experience in communications, marketing and production on behalf of some of the world's most innovative companies including Yahoo!, eBay, NEC, Microsoft and StubHub. In November, 2014, he joined Splunk to lead its social media efforts across the global organization.

When he's not Splunking, RBH spends as much time as possible with his wife and two daughters - exploring the Bay Area. He also brews beer. In April 2010, his beer – “Imperial Jack”, named after his Grandfather and brewed in collaboration with San Francisco’s 21st Amendment Brewery, was a Gold Medal winner at the World Beer Cup.

Join the Discussion