Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to add a CSV lookup table - Splunk Light Free eval

L479
Engager
‎04-08-2015 11:55 AM

How can a CSV based lookup table be added to Splunk Light Free; and are lookup tables supported in Splunk Light Free?

We've 30+ ones to add and would like a faster way such as the web interface instead of configuration file editing.

0 Karma
Reply

jphohloch
Engager
‎03-26-2017 10:38 PM

at least todays version supports it even in the GUI:
https://docs.splunk.com/Documentation/SplunkLight/6.5.1612/GettingStarted/Usinglookups

0 Karma
Reply

inventsekar
SplunkTrust
SplunkTrust
‎08-10-2016 03:44 AM

http://docs.splunk.com/Documentation/SplunkLight/6.4.2/References/Listofsearchcommands
there is no lookup command on the list of available commands on Splunk Light.

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !
0 Karma
Reply

waechtler
Path Finder
‎08-10-2016 04:21 AM

Maybe, but it works

0 Karma
Reply

inventsekar
SplunkTrust
SplunkTrust
‎08-10-2016 05:44 AM

oh ok.. thanks.

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !
0 Karma
Reply

waechtler
Path Finder
‎08-10-2016 03:20 AM

splunk light does support lookups, you just have to configure them manually:

in ~etc/apps/search/lookups add your .csv file:
mylookup.csv

in ~etc/apps/search/local/transforms.conf:

[mylookup]
filename = mylookup.csv

It will also work if placed in app specific directories

0 Karma
Reply

sophy
Splunk Employee
Splunk Employee
‎04-08-2015 12:04 PM

The current version of Splunk Light does not support lookup tables.

Reply

yschiff
New Member
‎10-01-2015 10:04 AM

Does Splunk Light still not support lookup tables? I'm looking to use an external source to correlate the IP addresses from my firewall logs to the DNS names of the matching computers. Is there another way to do this in Light?

0 Karma
Reply
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Deprecation of Splunk Observability Kubernetes “Classic Navigator” UI starting ...

Access to Splunk Observability Kubernetes “Classic Navigator” UI will no longer be available starting January ...

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...