Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
489 results
Sorted by:
05-10-2023
07:21 AM
Hello,
I have 2 csv files created using outputcsv. Because of their size (500K records +) AND because they are really data sources and not true lookups (requiring bundle replication) outputcsv a...
- Tags:
- compare
Labels
- Labels:
-
lookup
Show results in replies (5)
-
If you are trying to use outputcsv to create LOOKUP files that can be used as lookups - you can't....
-
Have you tried the inputcsv command?
-
@richgalloway A lookup file created using the | outputcsv command is not accessible to t...
-
...nputcsv command, the logical counterpart to outputcsv.
-
...ile is created with the | outputcsv command, it is not available to be used with the | lookup c...
07-15-2015
02:09 AM
5 Karma
Could anyone tell me the difference between outputlookup and outputcsv?
If there no differences, is there any specifications to use the above in various circumstances?
Regards,
Naga
03-31-2023
05:09 AM
Hi, Can someone recommend a way to save the results of a Splunk search locally or to shared drive? We`re using a hybrid deployment (Cloud and Enterprise), but the data we require is available in Clo...
Labels
- Labels:
-
CSV
02-03-2012
02:34 AM
2 Karma
...ields - _* | outputcsv results.txt
The problem is that each time the search runs, results.txt gets overridden. I would like to automatically append the time and date to the name of the file Eg. results_3-2-1...
- Tags:
- outputcsv
Show results in replies (6)
-
...ipeline, including after outputcsv . By default however, a subsearch returns a string that is f...
-
outputcsv uses double quotes to enclose some fields. It shouldn't be enclosing complete lines.
-
..... Any Ideas? my command: outputcsv [ search * | head 1 | eval query="All_lab_new_".strftime(n...
-
That's good, but here's a less ugly one 🙂 <my search here> | outputcsv [ | stats c...
-
...ml as raw | fields raw | fields - _* | outputcsv [search * | head 1 | eval query="results".strftime(n...
-
..._%H%M") iseval = 1 Then your search would look like this: <my search here> | outputcsv...
11-04-2011
08:17 AM
2 Karma
Is there a way to remove the Header column row after performing the outputcsv command during a Splunk search?
08-11-2014
05:42 AM
Outputcsv command will export the log to a csv file in var\run\splunk location. I have used only enterprise trial version of splunk and i want to know how will it be in real scenario where we have m...
- Tags:
- outputcsv
02-07-2012
12:16 AM
Hi all,
I am using the outputcsv command to export the results to a text file as follows:
| outputcsv results.txt
This exports the results to $SPLUNK_HOME/var/run/splunk/results.txt
Is t...
Labels
- Labels:
-
other
05-09-2013
10:55 AM
...hould work with some tweaking i suppose?
| inputcsv append=true edge_lookup.csv | eval dns=somehost.somedomain.com | eval ip="199.156.128.1" | eval country=mexico | outputcsv edge_lookup.csv
I...
08-14-2019
02:55 AM
...ost_to_trigger triggertime| fields - _raw | outputcsv rtetriggering_ICP.txt
| where isnotnull(host_to_trigger) and isnotnull(decision)
| map maxsearches=20 search="dbxquery query=\"call S...
02-17-2023
05:58 PM
index=my_index [search is here] | outputcsv mycsv.csv After saving the search results into mycsv.csv file, can I access the file via search head? | inputlookup mycsv.csv&n...
- Tags:
- outputcsv
Labels
- Labels:
-
correlation search
