Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
7,000 results
Sort by:
10-08-2024
09:39 PM
...pecific set of users. The problem is that there are about 130 users and I tried specifying the users in the search using (Account_Name=user1 OR Account_Name=user2 OR Account_Name=user3.......) I t...
03-07-2022
10:06 PM
I try to edit lookup file through the lookup file editor, but below message is shown. The file is too big to be edited (must be less than 10 MB) Is there any workaround other than reducing the lookup...
Labels
- Labels:
-
data model
-
lookup
09-06-2023
07:03 AM
Greetings. I am quite new to Splunk and read a lot of sources. However, I have a hard time to find my answer about the join and eval functions. I have a first search on an index. I want to f...
Labels
- Labels:
-
subsearch
12-01-2014
12:58 AM
...あれば教えてください。
※追記※
outputlookup関数で月の初めに人事データをcsvファイルで出力したとしても、その月に対応するlookupを手動で作成する必要があると考えています。
この部分(ルックアップテーブルファイル - ルックアップ定義 - 自動ルックアップ)を自動化する方法はありますでしょうか?
検索をしていても、「自動ルックアップ」に関する部分しか出てこず...
05-21-2024
10:49 PM
Please tell me about the lookup operation. 1. when you register a new lookup table file (CSV) from the GUI, you can immediately refer to it on the search screen. | inputlookup “lookup.csv...
05-10-2024
02:21 PM
I am seeing the following alert on the Searching and Reporting App and also within the InfoSec App for Splunk. [idx-1,idx-2,sh-2] Could not load lookup=LOOKUP-threatprotect-severity I am not sure h...
Labels
- Labels:
-
lookup
07-18-2022
02:13 AM
Hi,
As asked in the subject I trying to figure out the difference between lookup input lookup because I don't think I get it.
in this research for example:
&n...
Labels
- Labels:
-
lookup
Show results in replies (7)
-
...ot sure about it's sense, probably it's mandatory in kv-store lookups. Anyway, add always lookup's d...
-
ok and you can stipulate more than one ?
-
Hi @gcusello, A question at the end of the first line (see the begining of the threat). yo...
-
Hi @darphboubou, when you use a subsearch, you have to specify which fields of the subsearch ...
-
Hi @darphboubou, yes all the fields you want, but if you use more fields ad key, the exact co...
-
thanks for you quick resply 🙂
-
ok no need comma or semin column between the searched fields ?
03-20-2025
02:38 AM
...itre_data_sources.csv` lookup located at `$SPLUNK_HOME/etc/apps/Splunk_Security_Essentials/lookups/mitre_data_sources.csv` ## Clean Install - First 5 Id Name Data_Source Description Data_Component D...
Labels
- Labels:
-
configuration
-
other
-
troubleshooting
04-28-2016
12:10 PM
4 Karma
KV store lookups are failing with the following error:
Error in 'inputlookup' command: External command based lookup 'kvstore_lookup' is not available because KV Store initialization has failed....
03-31-2025
07:06 AM
I've got a question about lookup tables, and how to audit them. I have a rather large lookup table that's being recreated daily from a scheduled correlation search. I don't know if any other c...
Labels
- Labels:
-
lookup
