Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
12 results
Sorted by:
a month ago
Hello Splunkers! We have a situation here and need your help and experience. We are looking for best practice to work with Large CSV files (1Million Rows at least) to produce fast searches a...
Labels
- Labels:
-
other
07-30-2019
08:58 PM
Creating Lookup Definition (transforms stanza) can be done on Splunk Web UI. But since we need to point a kv definition to a collections.conf, we must have that stanza in collections.conf. How do w...
06-22-2015
01:42 PM
1 Karma
I am setting up permissions for kv store collections.
I tried to give permission in local.meta in my app for all the collections, but still getting
" Error in 'outputlookup' command: the lookup...
05-08-2018
03:59 AM
Has anyone figured a way to make kv-store lookups NOT case sensitive on field values? If so, how?
We're about to migrate users to a new search head cluster where all large (> 20 MB) public lookup...
10-03-2019
01:54 AM
Hi splunkers,
I need to enrich the Checkpoint Firewall logs with the username in my corporate VPN logs.
On a first sourcetype, I have the name of the user with his DHCP IP address in the VPN (f...
05-22-2014
02:46 AM
13 Karma
...eyword splunkAddfields accum addinfo addtotals delta eval iplocation lookup multikv rangemap relevancy strcat contained
syn keyword splunkExtractfields erex extract kv kvform rex spath xmlkv c...
12-27-2018
07:49 AM
I created a test KVStore in order to familiarize myself with the API. It has about 20 records in it, all of which are listed under the user nobody (viewable from search). However, when running |in...
12-21-2017
06:49 PM
how can i combine queries to populate a lookup table?
I have a lookup table with the following values
item
1
2
3
i'm using the splunk web framework to allow a user to insert an item....
03-24-2018
01:00 PM
...he manually edited data on a lookup table (csv), join those fields to my search, and present it in my table. I tried to think about a way of letting the user edit those fields, so I setted a d...
01-15-2015
04:22 AM
Hello all,
We are having some problems defining a time-based kvstore lookup on Splunk 6.2.0.
We tried defining a similar time_based csv lookup and it works!
kvstore time-based lookup defin...
