Audit and Remediation: Live Query Results Limited to 10,000 results in Splunk

Environment

  • Carbon Black Cloud
    • Audit and Remediation
  • Splunk App

Symptoms

A Live Query returns more than 10,000 results, but only the first 10,000 are displayed in Splunk.

Cause

This is a known limitation, documented in the Carbon Black Cloud Splunk App - User Guide on the Carbon Black Developer Network:

"Note: Limited to the first 10,000 results of a Live Query"


Resolution

Please reach out to your account manager if you'd like to see this limit increased.

Article Information
Creation Date: 04-05-2022