Hey Experts, I'm new to splunk and I'm trying to create a new lookup from data in a index=abc. Can someone please guide me on how to achieve this? Any help or example queries would be greatly a...
...ail_msg2* I have created a lookup file sample.csv with the following content Product,Feature,FailureMsg
ABC,DEF,fail_msg1
ABC,DEF,fail_msg2 I want to search if F...
...ilter this search with values of one field in a csv I import as lookup. Example: index="data" sourcetype="entities" | table EMAIL EXTERNAL_EMAIL CATEGORY And I have the inputlookup inputlookup 2...
Hi All,
I have lookup file with 2 columns, Col1 and SPL_Qry.
Each value in col1 will have associated Splunk query.
In Dashboard, if I select ant value from the Drop Down, associated Query s...
I am trying to create a table with # pyUserIdentifier pyStatusMessage Count of occurences 1 user1234 Couldn't connect to server 1 Our logs have the following json pattern. An...
Is there currently a capability in Splunk that will allow us search and compare the previous version of an input lookup to the current version of the input lookup to identify what has changed b...
I have a CSV of URLs I need to search against my proxy index (the url field), I want to be able to do a count or match of the URLs. my csv looks like this (with the header of the column called kurl)...
...est1" source="test2" run="test3"
| transaction source run startswith IN ("field1", "field2", "field3") endswith="status: PASS" Instead of using IN keyword for startswith, I want to use a csv lookup...
Hi,
As asked in the subject I trying to figure out the difference between lookup input lookup because I don't think I get it.
in this research for example:
&n...