Solved: Re: Splunk Automatic Lookups and Capitlization

jmcclure · ‎04-04-2018

What is a work around for case sensitive automatic lookups? I am trying to build out an automatic lookup for users and the users are all different types of capitilization. I am doing a pull from ldap dropping it into a CSV and then having a custom Splunk command execute a python script that that duplicates every row with different user capitilization. BUT I still am having issues with one offs...

I know caculated fields could work BUT they are after lookups in searchtime calculations

starcher · ‎04-04-2018

See option for case_sensitive_match =

In the lookups stanza for transforms.conf
https://docs.splunk.com/Documentation/Splunk/7.0.3/Admin/Transformsconf

View solution in original post

starcher · ‎04-04-2018

See option for case_sensitive_match =

In the lookups stanza for transforms.conf
https://docs.splunk.com/Documentation/Splunk/7.0.3/Admin/Transformsconf

jmcclure · ‎04-04-2018

Will that work with CSV lookups or jsut KSV? I'm diong a pull from Active Directory, dropping it into a CSV file and then creating lookups

Splunk Automatic Lookups and Capitlization

Unlock Database Monitoring with Splunk Observability Cloud

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join the Conversation

Splunk Automatic Lookups and Capitlization

Unlock Database Monitoring with Splunk Observability Cloud

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk