If you’re running saved searches in Splunk as subsearches inside of the map command, they are bound by the subsearch limitation.
This is an alternative command that doesn’t have this limitation as it starts a new job for each subsearch.
To use it, instead of calling:
| makeresults
| map test
You’re using:
| makeresults
| mapsearch search=test
Missing the full flexibility of map, the command also passes each event’s values as input parameters to each called saved search. Optionally, you can specify a list of fields that will be copied from the input events to the output events.