Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
120 results
Sorted by:
05-02-2023
01:57 PM
1 Karma
I had a question about the csv lookup app for Splunk. I recently installed the app on one of our dev search heads and it works great. By default, it stores and finds lookups from the /export/opt/s...
Labels
- Labels:
-
configuration
-
installation
07-14-2021
08:07 PM
Hi, Under lookups we have lookups as below lookups abcd.csv xyz.csv I could see configs in props.conf to map to these lookups props.conf LOOKUP-field1-field2 = abcd_lookup field OUTPUTNEW f...
Labels
- Labels:
-
configuration
-
troubleshooting
05-10-2023
07:21 AM
06-07-2017
10:50 AM
...p a [status] lookup with the following field definition:
"host","Error_Message","Error_Status","Time_Acknowledged"
The idea is that an administrator then uses a Workflow action to output the f...
10-19-2013
07:16 AM
...Now I want to automate this as good as possible and thought about the following solution:
a) Configure Splunk to monitor a folder in which I'd copy the new XML-file once it has undergone one or m...
- Tags:
- outputlookup
- xml
01-27-2023
03:28 PM
...lready have the bucket matrix in a lookup csv file. I have played with using format command to generate the appropriate nested boolean AND/OR search logic with a foreach loop but foreach d...
Labels
- Labels:
-
development
-
using Splunk Enterprise
08-10-2017
09:27 AM
I know that using inputlookup will use a CSV file but is it possible to have a script create the CSV file that inputlookup will use?
I know I can use a scripted lookup but this requires a...
02-27-2013
11:26 AM
...hich are not being used. We are using the "policy_id" column in the lookup csv:
index="summary" policy_id=*
| inputlookup append=t policywithdescs
| rename PolicyID as policy_id
| stats count b...
- Tags:
- lookup
01-22-2020
06:01 PM
...o configure the lookup that if it already finds a match, it won't go through the rest of the lookup file? For the query, I'm just using a straight forward lookup command:
| lookup <Lookup> K...
11-04-2014
10:23 AM
...Add_a_lookup_stanza_to_transforms.conf (and on through the other steps)
So I have a csv file under $SPLUNK_HOME/etc/apps/search/lookups/users.csv
The format of the file is
user,"full_name"
u...
Show results in replies (3)
-
...nd Automatic lookups configured. The Lookup tables file will basically list the files you have i...
-
...imple CSV files, you don't even need to configure anything to use it at search time. Here some c...
-
...yntax from the Exploring Splunk book by David Carasso in the section called: "Comparing Results to Lookup...
