Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Importing error code reasons from URL to Splunk query

NizanCohen
Explorer
‎11-09-2022 07:02 AM

Hi all.

My company is working with GlobalScope and I wish to enter their error code description to Splunk.

As of right now, I only get the error number and I need to go to their website and check what is each code. I was wondering if I can import the data from the website into my Splunk and include it on my queries.

Here's the url: https://kb.globalscape.com/Knowledgebase/10142/FTP-Status-and-Error-Codes

Labels (1)
Labels
0 Karma
Reply

yuanliu
SplunkTrust
SplunkTrust
‎11-09-2022 11:58 PM

Absolutely.  Just put the table into a CSV file, e.g., like

CodeDescriptionDiscussion
100 requested action was initiated; expect another reply before proceeding with a new command.
110Restart markerreply. The text is exact and not left to the particular implementation; it must read "MARK yyyy = mmmm" where yyyy is User-process data stream marker, and mmmm server's equivalent marker (note the spaces between markers and "=").
120Service readynn minutes. (Informational)
125Data Connectionalready open; transfer starting. (Informational)
150File statusokay; about to open data connection. FTP uses two ports: 21 for sending commands, and 20 for sending data. A status code of 150 indicates that the server is about to open a new connection on port 20 to send some data.

Set up the CSV as lookup. (See Define a CSV lookup in Splunk Web.)  Then, suppose your data search returns a field named ftp_return_code.  In your search, add a lookup command

 

| lookup mylookup Code as ftp_return_code OUTPUT Description as ftp_return_description, Discussion as ftp_return_discussion

 

 

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...