Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

In a text field, am I able to detect if a user entered an IP Address or a HostName?

baty0
Explorer
‎09-18-2018 04:36 PM

Hi,

In a text field, I would like to be able to detect if a user entered an IP Address or a HostName. At the moment, a user can search with Hostnames divided by a comma and it will do a search on HostNames. Is there a condition where, if the input is an IP address, it will look for IPadresses?

    <input type="text" token="server_lookup">
      <label>Server Lookup</label>
      <change>
      <condition if IP Address>
        <eval token="splitted_search">"IPAddress=\"".mvjoin(split(replace($value$," ",""),","),"\" OR IPAddress=\"")."\""</eval>
       <condition else>
        <eval token="splitted_search">"HostName=\"".mvjoin(split(replace($value$," ",""),","),"\" OR HostName=\"")."\""</eval>
      </change>
      <default>*</default>
    </input>

Thanks

0 Karma
Reply
Get Updates on the Splunk Community!

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...