Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Ask a Question

How to use search a CSV lookup file within an App via Python SDK?

BrentRiva
Explorer
โ€Ž07-24-2015 07:58 AM

I'm working in Python and trying to use the SDK to search from a program. One of the apps I have installed uses a lookup table (CSV file) to add fields to events, and I'm trying to search on those events (specifically, the CSV file in the app adds 'costcenter=___' to the data, and I'm trying to search for a specific call center).

As I don't know how to do this, my searches right now are returning 0 results. Is there a place I can read up on this, or is the answer easy enough to answer here?

Edit: Would namespace=<app_name> work?
Thanks!

0 Karma
Reply

BrentRiva
Explorer
โ€Ž07-24-2015 08:17 AM

Namespace= seems to be working, but I'm getting much less results than normal, though (1 million on the website vs. 260 on the API call). I think this is the answer, but I'll wait until a more definitive answer is posted.

0 Karma
Reply