Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
10,000 results
Sorted by:
07-14-2021
08:07 PM
Hi, Under lookups we have lookups as below lookups abcd.csv xyz.csv I could see configs in props.conf to map to these lookups props.conf LOOKUP-field1-field2 = abcd_lookup field OUTPUTNEW f...
Labels
- Labels:
-
configuration
-
troubleshooting
07-18-2021
08:48 PM
Hi, In lookup definition, IT_server_list is created in lookup definition which is mapped to CSV named (server_list.csv) In Lookup Table, server_list.csv file is there In automatic lookup, I...
Labels
02-08-2023
02:34 AM
Hello Splunkers,
Please if someone can help me with a Splunk query,
I have a list of IPs I imported in lookup table, I want to grab the FW traffic where dest_ip in the FW logs matches my lookup l...
Show results in replies (4)
-
...o rename one of them to have the same field name in both. So if the field in the lookup is called "b...
-
...his search I'm telling my dest_ip value from the indexed field should match my lookup field "b...
-
Hi @mohsplunking, lookup command is used to enrich results with the content of the lookup j...
-
Thanks a billion @gcusello it was great explanations from you I got the results I ...
12-23-2022
05:29 AM
Hi at all, In Enterprise Security, I'm trying to customize a Suppression Rule inserting a lookup containing the ip addresses to whitelist in one Correlation Search, using this search: &n...
Labels
- Labels:
-
other
04-07-2022
12:33 AM
I am looking for some tool/way to get the Splunk index/lookup usage in the system
for example to get all lookups that are not used in the system
what is the best way to do it ?
Labels
- Labels:
-
other
01-10-2023
11:05 AM
...ombination from the results.
The following query allows for excluding source_ip from the lookup table. How would I be able to exclude source_ip and destination_ip combination?
index=f...
Labels
- Labels:
-
alert condition
08-09-2022
06:27 PM
The scenario is,
A lookup csv has become unreadable. A lookup definition exists for it.
The lookup was deleted and recreated. The existing definition was not changed.
My q...
Labels
- Labels:
-
lookup
01-06-2023
01:33 PM
I am trying to match results to ONLY the names in a list I have using a lookup. I cant figure out for the life of me what I am doing wrong, been trying every single variated on lookup and i...
- Tags:
- lookup
- splunk-search
Labels
- Labels:
-
other
Show results in replies (4)
-
It sounds like you want a subsearch that incorporates the lookup file into the base search. &n...
-
I might be going about this the wrong way then. The original goal was to take the results of ...
-
...he lookup file). That list of fields and their values then are added to the end of the last c...
-
That did it, and I had return username in there at one point thru my 100 different variations, just...
12-26-2022
10:29 PM
Hello everyone,
I got several fields in search result (name, ip_src). Now I have lookup with 2 columns:
name
subnet
name1
10.10.10.1/24
name2
10.20.10.1/2...
03-30-2023
07:52 AM
Is something like this possible?
index=main sourcetype=iis
host IN (| inputlookup serverlistA.csv)
I think the problem may be that inputlookup is a generatin...
Labels
- Labels:
-
eval
