Solved: Re: Show User's Full name in Last Month Activity

andrewkenth · ‎12-03-2013

I'd like to show the user's Full name field in the results instead of the login. Is this possible with a simple search?

somesoni2 · ‎12-03-2013

Following query gives list of all users-login (field-title) and their full name (field-realname) as specified in the User Profile.

| rest /services/authentication/users splunk_server=local | fields title, realname

You can join this query in your main search to get the user's full name.

somesoni2 · ‎12-03-2013

Following query gives list of all users-login (field-title) and their full name (field-realname) as specified in the User Profile.

| rest /services/authentication/users splunk_server=local | fields title, realname

You can join this query in your main search to get the user's full name.

lukejadamec · ‎12-03-2013

Need quite a bit more data here.

For starters, what operating system?
What sourcetype?

Show User's Full name in Last Month Activity