With latest 6.1.1 installation, the UI for adding alookupattribute to the data model seems not working any more. Not able to attach the screenshot to post (due to insufficient Karma), but this i...
Splunk 6.0
The title says it all. I want to adda specific lookup table attribute but the table is not in the dropdown list. In fact the dropdown appears to list about 85 tables accurately and i...
...ollowing eval command: | inputlookup <lookup value> | search ap_name=* | eval space_id = building_num + "-" + room The first hyphen within the AP name indicates the floor number the AP i...
...,APP01729
APP01729-af-wkr.service,APP01729 The idea with this lookup is to match the appid with one of the attributes that splunk have from a seach and then add the value of appName i...
...plunk/etc/apps/SA-Utils/lib/SolnCommon/lookup_conversion/output.py", line 147, in process_streaming_record
for field, value in [(k, v) for k, v in record.iteritems() if k != self.KEY_FIELD]:
Attribute...
Hi everyone. Is there any way to resolve GPO GUID or SID within Windows Security Logs? For instance, when we change any GPO in the domain it is logged under EventCode 5136. There is a CN name i...
I have 2 lookup files.
Am getting empnumber from one file and then trying to search for the corresponding email id from another lookup file.
Its working fine for until first non-matching e...
Hello Forum!
I have an attribute in my Data Model called 'Label' where each value is a CSV like "Epic, Internal, Magic"
I would like to be able to do a pivot table somehow where I am sorting b...
Hi, I was hoping to use alookup table to add some fields but it doesn't seem to do quite what I was hoping.
I have the following file, lookup.csv:
timestamp,host,env
2010-02-28 17:26:00,h...
I'm wanting to add the short ID that one can generate for a notable in IR. To the columns in Incident Review for our SOC to use. However, I can't find the proper attribute n...