Lookup file `tenants.csv`   tenant, tenant1, tenant2, tenant3, tenant4,   Desired query   index=index1 (tenant1xxx OR tenant2xxx OR tenant3xxx OR tenant4xxx)   I'm having a tough time getting this work.  Trying lookup is not working because I am not searching any existing fields.  Subsearching with inputlookup is not working at all, not sure why. So in a nutshell, I'm trying to inject (not just each value from the lookup file but also appending `xxx`), as an OR list of raw strings.  Any ideas?  

Hello, How to add space on a text on a single value?     Thank you for your help Adding spaces did not have any affect.  I was trying to align the text to the left   | makeresults | eval test="this is a test " | table test   If I added period,   it worked   | makeresults | eval test="this is a test..........................." | table test      

Hi , I was wondering what features does Splunk offer in auditing workload in DB2 z/OS. We are looking to audit a bunch of users in DB2 z/OS using SPLUNK. I would like to know what is possible with Splunk and what is not.   Thank You.

As the title suggests, our system needs a proxy to hit our SAML2 authentication service, but I don't see an option to provide a proxy, or to provide an attribute to describe a proxy like we can do in the apps. Can someone please suggest documentation? Thank you!

I need to mask data before it being index. my sample his log structure. "2023-11-02 06:53:00 xx.xxx.xxx.xx GET /Security/Security/Logon 123 - xx.xxx.x.xxx Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/86.0.4240.198+Safari/537.36=RDPword=jsndksjs834u935=PDUserId=jsndksjs834u935=PDPword=jsndksjs834u935=RFuser=&securityToken=xxxxxxxx 200 0 0 14" I need to match highlights in green "RDPword=jsndksjs834u935", and "PDPword=jsndksjs834u935" I am using regex this matching the following which I don't want it match  "PDUserId=jsndksjs834u935=" RDPWord=([^=]+)=PDUUserId=([^=]+)=PDPWord=([^=]+) Can someone help me  Thanks