Hi
I have separate machines for a Search Head and Indexer. InSplunkWeb on the Search Head, I went through the different steps as shown in the Splunk tutorial to defineautomaticlookup based o...
I have kvstore which generate the data by API.
when I use | lookup mylookup id output data - its working
I want to convert it to automaticlookupin some index, but its not working....
...enerates the output file.
My question is, how do I get the lookup table to update automatically whenever a new file is placed in the specified location?
If I define a lookup using the Web GUI, would t...
I'm using lookup but don't know how to do a partial match instead of an exact match
Example: 10.20.30.40 is in the list, and I want to get the result of URL=https://10.20.30.40~, is that possible?
Hi, I'm trying to get wildcard lookups to work using the "lookup" function. I've followed guidance to set up the "Match Type" for the fieldin the lookupdefinition as per Define a CSV lookupinSplunk...
Hello, How to perform lookup on inconsistent IPv6 format in CSV file from index? For example: Index has collapsed format of IPv6: 2001:db8:3333:4444:5555:6666::2101 CSV has expanded f...
...ummary index for when type=alert and have an email generated containing all the fields for that event.
The problem is others using this search head have defined many different automaticlookups t...
Creating LookupDefinition (transforms stanza) can be done on SplunkWeb UI. But since we need to point a kv definition to a collections.conf, we must have that stanza in collections.conf. How do w...
Hi, so my team is currently has some data on Splunk cloud. My task is to use your REST API to get this data using python.
On Splunkweb I get this data by using the following query:
&n...