Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
1,000 results
Sort by:
01-05-2024
10:29 AM
Hi All, The Bloodhound TA creates a KV store lookup. I've been asked to take the entries in the KV store and turn them into events. I've setup an alert, but I'm not seeing the alert fire...
- Tags:
- alerts
- inputlookup
Labels
- Labels:
-
fields
Show results in replies (3)
-
The outputlookup should have been inputlookup. My brain slipped a gear when I was entering t...
-
...Where does the outputlookup come into play here? I dont see it in you SPL shared but it is in t...
-
Just a follow up, are you readjusting the cron schedule to fire soon after making the adjustment to...
08-01-2024
10:04 PM
Hi, I want to rename the fields while writing to a lookup table using outputlookup command. Is there a way to do it? I intend to use the lookup table in the next run of the same query so want s...
09-13-2023
01:31 PM
Hello, How to outputlookup csv with permission? ***Note that I am not Splunk admin - I only have access to Splunk GUI*** Please help. Thank you so much For example:&n...
Labels
- Labels:
-
lookup
Show results in replies (5)
-
...ocation inside the app. Then when you run outputlookup, you will be updating the one i...
-
Hello, You said "You should change the permission to app before you do the outputlookup" Do y...
-
...efore you do the outputlookup.
-
...nd upload a dummy csv. You can then define the permissions on the csv and outputlookup will then n...
-
...plunk/etc/users/[myuserID]/testapp/lookups/test.csv When I used outputlookup, it wrote the same t...
03-28-2019
04:39 PM
Hello Gurus,
I'm trying to generate a lookup from a search using the outputlookup option but running into some issues.
My search returns between 400 & 500 results on the Statistics tab, b...
11-22-2021
04:59 PM
...ommand to get new records in last 24hrs
| bunnch of evals to format data
| append
[| inputlookup MispKVstore]
| dedup
| outputlookup append=false MispKVstore We have this running 3...
Labels
- Labels:
-
search head
07-15-2015
02:09 AM
5 Karma
Could anyone tell me the difference between outputlookup and outputcsv?
If there no differences, is there any specifications to use the above in various circumstances?
Regards,
Naga
06-17-2010
08:19 PM
7 Karma
Does the outputlookup command overwrite or append to the existing specified lookup file? The documentation does not clarify: http://www.splunk.com/base/Documentation/latest/SearchReference/Outputlookup...
- Tags:
- command
- outputlookup
Show results in replies (4)
-
...he outputlookup myoldfile , e.g., stats count by host,hostip | fields - count | inputlookup a...
-
...estlookup.cvs | outputlookup testlookup.csv
-
It will overwrite. Because of this, the |outputlookup command is well suited to being used in s...
-
I'm not sure if you are aware of this issue(splunk 5), but when I've outputlookup with append=t...
08-04-2020
08:40 AM
Does anyone know how the outputlookup command is configured? commands.conf does not reference a python script for it. I want to change how new files are created so that they are private and a...
- Tags:
- commands.conf
- python
Labels
- Labels:
-
lookup
Show results in replies (5)
-
Hi @splunkettes Please guide how you created the custom search command similar to outputlookup...
-
...bsp; [outputlookup] create_context = user per the documentation: [outputlookup] c...
-
Outputlookup is a built-in command without an external Python script.
-
...hat I have created that does what I want the outputlookup command to do but it would require all u...
-
Decided to resolve the issue by creating a custom command to reassign lookup files from nobody to t...
02-07-2022
05:06 PM
...rite the new email addresses to another lookup. The issue I have is that I get duplicates as this search runs once a week. Is there a way I can avoid duplicates using outputlookup? Dedup i...
- Tags:
- lookup
- outputlookup
Labels
- Labels:
-
lookup
06-18-2020
01:08 AM
Hi,
I use a scheduled search in order to generate a CSV lookup automatically:
patch
| table Computer Site OSVersion
| rename Computer as host
| outputlookup...
Labels
- Labels:
-
scripted input
