Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
1,187 results
Sort by:
05-29-2025
10:53 AM
...ave the same base. However, the domain matching appears to the strict and wildcards are not matching. For example, users may have emails like: a@temp.mydomain.com b@perm.mydomain...
Labels
- Labels:
-
configuration
05-27-2024
10:44 AM
...sing the below query to exclude 1st set of events. I have created WILDCARD(message) match_type
| lookup vtest message OUTPUT message as exclude_message
| search NOT (e...
Labels
- Labels:
-
lookup
12-27-2023
07:31 AM
Hello everyone, I'm a beginner in using Splunk. I'm facing an issue in finding a search solution for the following idea: I'm logging the deletion behavior of files, and I have whitelisted some import...
Labels
- Labels:
-
lookup
12-09-2021
03:27 AM
Hi, I'm trying to get wildcard lookups to work using the "lookup" function. I've followed guidance to set up the "Match Type" for the fieldin the lookup definition as per Define a CSV lookup in S...
Labels
- Labels:
-
lookup
07-18-2024
01:14 AM
Hello, I would like to obtain a list of all domains that did NOT match my lookup file which is composed of wildcard domain here is an example : Lookup file domain *adobe.com* *perdu.com...
09-19-2013
09:09 AM
1 Karma
I need some help on the syntax of wildcards in the search. I have multiple servers and I don't want to keep using OR. For example I have "server01" through "server21" and I sometimes want to just p...
07-08-2022
11:01 AM
We are trying to filter out events from a Syslog server that is ingesting data for a number of sources but the one we are trying to filter is from our Meraki devices. Each Meraki is considered ...
Labels
- Labels:
-
props.conf
08-30-2024
10:18 AM
...ound in the logs, but expected. The lookup has a lookup definition defined, so that FileName can contain wildcards, and this works for matching the wildcarded filename to existing events, with o...
01-31-2019
05:41 AM
1 Karma
Im trying to set a boolean based on a match in a string.
I want to set a value to 1 if it does not match ingestion* and set it to 0 if it does match.
The following example shows the problem:
...
