Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Importing error code reasons from URL to Splunk query

NizanCohen
Explorer
‎11-09-2022 07:02 AM

Hi all.

My company is working with GlobalScope and I wish to enter their error code description to Splunk.

As of right now, I only get the error number and I need to go to their website and check what is each code. I was wondering if I can import the data from the website into my Splunk and include it on my queries.

Here's the url: https://kb.globalscape.com/Knowledgebase/10142/FTP-Status-and-Error-Codes

Labels (1)
Labels
0 Karma
Reply

yuanliu
SplunkTrust
SplunkTrust
‎11-09-2022 11:58 PM

Absolutely.  Just put the table into a CSV file, e.g., like

CodeDescriptionDiscussion
100 requested action was initiated; expect another reply before proceeding with a new command.
110Restart markerreply. The text is exact and not left to the particular implementation; it must read "MARK yyyy = mmmm" where yyyy is User-process data stream marker, and mmmm server's equivalent marker (note the spaces between markers and "=").
120Service readynn minutes. (Informational)
125Data Connectionalready open; transfer starting. (Informational)
150File statusokay; about to open data connection. FTP uses two ports: 21 for sending commands, and 20 for sending data. A status code of 150 indicates that the server is about to open a new connection on port 20 to send some data.

Set up the CSV as lookup. (See Define a CSV lookup in Splunk Web.)  Then, suppose your data search returns a field named ftp_return_code.  In your search, add a lookup command

 

| lookup mylookup Code as ftp_return_code OUTPUT Description as ftp_return_description, Discussion as ftp_return_discussion

 

 

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

This is the second post in our Splunk Observability Cloud’s AI Assistant in Action series, in which we look at ...

Elevate Your Organization with Splunk’s Next Platform Evolution

 Thursday, July 10, 2025  |  11AM PDT / 2PM EDT Whether you're managing complex deployments or looking to ...

Splunk Answers Content Calendar, June Edition

Get ready for this week’s post dedicated to Splunk Dashboards! We're celebrating the power of community by ...
Top