Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
8,000 results
Sorted by:
03-04-2021
08:46 AM
Hi All, Is it possible to perform Eval then perform lookup ? If the eval return null then perform lookupA.csv. If eval return notnull, then perform lookupB.csv thanks!
Labels
- Labels:
-
search
11-22-2020
05:39 AM
1 Karma
I'm new to Splunk and just wanted to understand how we can create automatic Lookup. If I can get an example that would be great.
09-21-2020
07:08 AM
1 Karma
Hi can anyone help me with a lookup table i have a 2 column lookup with column headings IPs and URLs, and i want to see if information in either csv field appears in the index data at a...
- Tags:
- lookup
Labels
- Labels:
-
lookup
Show results in replies (5)
-
...hat compares ether column of the lookup against data in the index using what you sent , would that b...
-
it works using a single column ( match) lookup with the syntax below, thanks for all your help i...
-
so is this the search i need to run below ? index=myindex ( [ | inputlookup my lookup | rename I...
-
i put an ip address i found in my data into the lookup to test the search, but it didnt bring b...
-
i tried breaking it down , but no results i have made a new lookup with two columns&n...
10-14-2019
02:51 AM
Hi,
I'm having an issue with a splunk lookup and I can't work out what the issue is. I have a lookup file, that among other things contains a mac address field and a hostname field
mac, n...
03-20-2019
01:17 PM
Hello All,
I just upgraded to the latest version of Splunk 7.2.5 and now when I search anything i recieve errors stating "Could not load lookup=LOOKUP-Browser"
I'm not sure what that is, I n...
- Tags:
- lookup
Show results in replies (3)
-
Hi, It looks like you had Lookup definition, Lookup file or Automatic Lookup with name B...
-
...ith multiple lookup error. Where I'm using cloud enterprise architecture then how could I able to c...
-
Copy/Paste command to find the culprit: /opt/splunk/bin/splunk btool props list --debug |grep LOOKUP...
3 weeks ago
Hi, There is an alarm monitoring the 4733(A member was removed from a security-enabled local group ) events. When this alarm is triggered, I want the user to be deleted from the users.cvs lookup...
Labels
- Labels:
-
alert action
-
other
11-02-2017
10:58 AM
3 Karma
Hi,
I'm a bit confused with the lookup command, I.e the syntax.
lookup <lookup-table-name> <lookup-field1> AS <local-field1>, <lookup-field2> AS <local-field2> O...
Show results in replies (4)
-
Here's a pretty simplistic use case. You have a lookup table called "full_user_names.csv", and it c...
-
Lets take an example to understand the command better. Assume there is lookup table which give S...
-
This is by far the most easy-to-digest example of using and understanding the lookup command that I...
-
...side from the lookup fields, since they are being matched upon) If OUTPUT is specified, only t...
4 weeks ago
Hi, When an alarm is triggered, I want a field inside the event (e.g user) to be added to a preexisting lookup file. How can I do? Thanks,
Labels
- Labels:
-
alert action
03-26-2019
11:00 AM
...wo errors per indexer:
Could not load lookup=LOOKUP-minemeldfeeds_dest_lookup
Could not load lookup=LOOKUP-minemeldfeeds_src_lookup
Can anyone point me in the right direction for a s...
03-17-2021
06:31 AM
Hello i have two lookup tables from the first i want to take the field "created_by" from the second i want to compare the "created_by" fields from the first lookup and check if the field "d...
Labels
- Labels:
-
development
Show results in replies (4)
-
So, you can use below; | inputlookup first_lookup | lookup second_lookup eventtype as c...
-
i'm getting this error: Error in 'lookup' command: Could not find all of the specified lookup f...
-
Hi @sarit_s, Please try below; | inputlookup first_lookup | lookup second_lookup c...
-
Hey, Thanks for your reply i think i forgot to mention that in the second lookup the field has d...
