Single Splunk command to generate dummy data that ...

lukesplunklukes · ‎09-30-2018

Can someone advise on a single Splunk command that can be run in the search bar that will display dummy data? This was demonstrated by an instructor in the past but I can't remember what the command was

mjuestel2 · ‎01-16-2024

I believe the command you are looking for is scrub.

I attended .Conf last year where an instructor used this command to replace "real data" with dummy information, while keeping the format of the data.

This command comes in useful when wanting to anonymize the data, when passing it on to a 3rd party etc.

I use it when pasting data into 3rd party websites, to work on Regex extractions.

|scrub

PickleRick · ‎01-18-2024

Well... scrub can work strangely sometimes.

For example, scrubbing my firewall logs shows that my firewalls do actions:

- allowed
- blocked
- dropped
- mckenzie

🤣

woodcock · ‎11-28-2018

There is also | streambag.

woodcock · ‎11-28-2018

You can use | gentimes, too.

lweiss · ‎11-28-2018

Try this, it'll generate 100 dummy events for you.

| windbag

mstjohn_splunk · ‎10-01-2018

hi @lukesplunklukesplunk

Did the answer below solve your problem? If so, please resolve this post by approving it!
If your problem is still not solved, keep us updated so that someone else can help ya. Thanks for posting!

richgalloway · ‎09-30-2018

Perhaps it was | makeresults?

---
If this reply helps you, Karma would be appreciated.

lukesplunklukes · ‎10-01-2018

Thanks for answering but nope, thats not the one I was thinking of

Single Splunk command to generate dummy data that can be run in the search bar

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)