Recent Searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            I am using limit 2 in my search but getting back more than 2 results?

            Modified on Fri, 17 Nov 2023 at 10:23 AM

            This is most likely a problem with your query. Let's take a look!

            If your query looks something like this: 

            tag=shodan json port==502 limit 2


            This works in the sense that the query will run, but not limit results to 2. 

            The above query is missing a pipe, so its really just telling the json module that you also want to extract fields named "limit" and "2" vs actually limiting the number of records returned.

            Instead, try adding a pipe:

            tag=shodan json port==502 | limit 2

            This will return two records.

            Here is a link to some documentation about the limit module in Gravwell:

            Limit Module Documentation

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select atleast one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0