Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
22 results
Sorted by:
06-07-2017
10:50 AM
...ollowing:
06/01/2017 09:23:45 server1 I am broken Unknown Unknown
06/01/2017 10:11:34 server2 I am not well Unknown Unknown
It looks like the Time-based...
02-06-2018
12:07 PM
I'm trying to configure a time-based lookup (temporal lookup) but it doesn't seem to be working as expected. Any advice would be great. Thanks! I'm using the Expiration field to configure time-based...
12-03-2020
06:28 AM
11-04-2014
10:23 AM
...MI:WinEventLog:Security" | lookup activeusers user (based on: http://stratumsecurity.com/2012/07/03/splunk-security/)
I also tried:
| inputlookup users.csv | search search sourcetype="W...
08-22-2012
10:40 AM
6 Karma
In a lookup file, how can I configure more than one time-based fields (ex. start_date , update_date , expire_date )?
Within this doc for configuring field lookups it appears to say that only o...
- Tags:
- lookup
04-07-2016
02:38 PM
1 Karma
...ommand, it generates two warnings "Script for lookup table 'LOOKUP NAME' returned error code 47. Results may be incorrect." And the same with error code 1.
Based on other threads here, I tried r...
07-11-2019
05:45 PM
...tamp for that date. I'd like to do this to save space on my indexer since I have limited resources to use.
I initially created a csv based lookup file with a search that pulled the _time and app v...
02-24-2015
07:48 AM
3 Karma
...s time-based. Once you've defined the lookup table, you can invoke the lookup in a search (using the lookup command) or you can configure the lookup to occur automatically.
11-03-2017
06:27 AM
...t;
I'm currently working on a dashboard that uses a PNG image as a background, with div tags used to define an area on the background (a rectangle) that will change color based on input read from a lookup...
11-22-2016
06:21 AM
...removed all existing file-based lookups.
changed searches in savedsearch.conf to populate KV Store instead of a traditional lookup.
I am able to configure & use KV Store without any issue....
