head

It's a pretty popular search command and it is used in all sorts of situations. Below are some really cool searches that use head along with other search commands.

Splunk Server's Time

* | head 1 | eval tnow = now() | fieldformat tnow=strftime(tnow, "%c %Z") | table tnow

purpose:

shows the time according to the splunk server

requirements:

comments: