I never did get a definitive answer to this problem, but there were a couple of things in common to each occurrence of it -- IE was the browser in use. On a few occasions, a few reported seeing the data displayed but when they went back to show me, it did not. One of those did say they used FireFox when the data dispalyed. Here is some of the other factors related to this situation:

• Although only 5,000 or so events were matched, each event had VERY MANY lines, into the thousands. So theoverall size of the result set was very large.
• In each case, the user (including myself) had several open apps running and usually sveral tabs open in the browser. I am not certain if this was true for the FireFox user but when I tried this search using FireFox, it worked (mostly, see more below) but there was no other tabs open and only a couple of running apps on the computer I was using.
• On one occasion, IE did display a page of data but froze when the user tried to go to the next page. Something similar happened to me when I tried this using FireFox but what was different was that the browswer did not freeze, it simply stopped showing data and only line numbers appeared on the page. (IE would show nothing in the results pane.)

What I think was happening was that with so much data to format and display that memory became an issue and the system could not cope with it all; a factor of both the browser and OS. This is a gut call for sure but I could not find anything else to explain it. The problematic search worked OK when we would limit the number of results to a few 100 or less. Fortuantely, that worked for the user needing this search as part of his application management plan.

BTW, this was with Splunk 4.2.1 so none of this is probably really relavent any more. I just noticed this still hanging out there as "open" and chose to follow-up and "close" the issue.