Splunk Enterprise Data Stream Parameters

The Splunk Enterprise plugin provides configurable data streams to fetch report data.

Each configurable data stream exposes a set of parameters that lets you filter the data you retrieve. The following information describes the available configurable data streams and their parameters in detail.

Reports

Parameter	Description
Report	Select the report you want to return data for.
Use timeframe	Select this option to restrict the query results to those that fall within the tile timeframe. If unchecked, the query will run without applying the dashboard’s time filter and return results from the entire data set.

SPL Query (Global)

Parameter	Description
Query	Enter a valid Search Processing Language query to define the data set you want to retrieve. The query can include filtering, aggregation, and search criteria supported by SPL. This field determines what records will be returned from the database or log source.
Use timeframe	Select this option to restrict the query results to those that fall within the tile timeframe. If unchecked, the query will run without applying the dashboard’s time filter and return results from the entire data set.

SPL Query (Scoped)

Parameter	Description
Query	Enter a valid Search Processing Language query to define the data set you want to retrieve. The query can include filtering, aggregation, and search criteria supported by SPL. This field determines what records will be returned from the database or log source.
Use timeframe	Select this option to restrict the query results to those that fall within the tile timeframe. If unchecked, the query will run without applying the dashboard’s time filter and return results from the entire data set.

Was this article helpful?

Have more questions or facing an issue?

Submit a ticket