Why does the Splunk map command not work as expected?


I have this Splunk command to search events from my Splunk logs; it first attempts to find the ownerId, gets the stats of the traceId and attempts to iterate through the same log using the traceId. (I'm trying to use the top-level request's traceId, and using it I want to find the logs somewhere down in the requests, i.e. my service making requests to another service.)

`my_service` ownerId=1234 OR ownerId=3456
| spath output=traceId path=tr.traceId
| stats count by traceId
| map maxsearches=8 search="search `my_service` tr.name="*Request*" tr.spanId=$traceId"

This only lists the events from the first search. Isn't the map supposed to pick up each traceId, iterate through the same source and list only the matching events?

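An added example, not part of the original post: the same query written with the syntax `map` expects in its `search` argument. Field tokens carry a dollar sign on both sides (`$traceId$`), and double quotes nested inside `search="..."` are escaped with a backslash. The macro and field names are the asker's own, and quoting the token value is an assumption about what the trace IDs look like.

```spl
`my_service` ownerId=1234 OR ownerId=3456
| spath output=traceId path=tr.traceId
| stats count by traceId
| map maxsearches=8 search="search `my_service` tr.name=\"*Request*\" tr.spanId=\"$traceId$\""
```

`maxsearches=8` limits `map` to the first eight rows produced by `stats`, so any further traceId values are not searched.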