Search
Find Answers
Ask questions. Get answers. Find technical product solutions from passionate members of the Splunk community.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Did you mean: Configure CST lockups
- Find Answers
- :
- Search
Search
Search the Community
137 results
Sort by:
05-02-2023
01:57 PM
1 Karma
I had a question about the csv lookup app for Splunk. I recently installed the app on one of our dev search heads and it works great. By default, it stores and finds lookups from the /export/opt/s...
Labels
- Labels:
-
configuration
-
installation
06-07-2017
10:50 AM
...p a [status] lookup with the following field definition:
"host","Error_Message","Error_Status","Time_Acknowledged"
The idea is that an administrator then uses a Workflow action to output the f...
03-20-2025
02:38 AM
...itre_data_sources.csv` lookup located at `$SPLUNK_HOME/etc/apps/Splunk_Security_Essentials/lookups/mitre_data_sources.csv` ## Clean Install - First 5 Id Name Data_Source Description Data_Component D...
Labels
- Labels:
-
configuration
-
other
-
troubleshooting
10-19-2013
07:16 AM
...Now I want to automate this as good as possible and thought about the following solution:
a) Configure Splunk to monitor a folder in which I'd copy the new XML-file once it has undergone one or m...
- Tags:
- outputlookup
- xml
07-15-2024
06:17 AM
Hello,
Anyone knows if we can use eval-ingest with lookup command in Splunk Cloud?
The problem is that in Splunk Cloud we can only add configuration via custom app in SH.
Eval-ingest in g...
Labels
- Labels:
-
configuration
05-10-2023
07:21 AM
07-14-2021
08:07 PM
Hi, Under lookups we have lookups as below lookups abcd.csv xyz.csv I could see configs in props.conf to map to these lookups props.conf LOOKUP-field1-field2 = abcd_lookup field OUTPUTNEW f...
Labels
- Labels:
-
configuration
-
troubleshooting
02-27-2013
11:26 AM
...hich are not being used. We are using the "policy_id" column in the lookup csv:
index="summary" policy_id=*
| inputlookup append=t policywithdescs
| rename PolicyID as policy_id
| stats count b...
- Tags:
- lookup
11-04-2014
10:23 AM
...Add_a_lookup_stanza_to_transforms.conf (and on through the other steps)
So I have a csv file under $SPLUNK_HOME/etc/apps/search/lookups/users.csv
The format of the file is
user,"full_name"
u...
Show results in replies (3)
-
...nd Automatic lookups configured. The Lookup tables file will basically list the files you have i...
-
...imple CSV files, you don't even need to configure anything to use it at search time. Here some c...
-
...yntax from the Exploring Splunk book by David Carasso in the section called: "Comparing Results to Lookup...
08-10-2017
09:27 AM
I know that using inputlookup will use a CSV file but is it possible to have a script create the CSV file that inputlookup will use?
I know I can use a scripted lookup but this requires a...
