...ail_msg2* I have created a lookup file sample.csv with the following content Product,Feature,FailureMsg
ABC,DEF,fail_msg1
ABC,DEF,fail_msg2 I want to search if F...
...ilter this searchwith values of one field in a csv I import as lookup. Example: index="data" sourcetype="entities" | table EMAIL EXTERNAL_EMAIL CATEGORY And I have the inputlookup inputlookup 2...
Hi, The lookupfield values must match the field values returned by the query, and the results must be shown as yes/no depending on whether the match happens. but we are unable to match and are u...
...ead and seen tstats only works with indexed fields but not fields that are being extracted at search time? so I guess my question is how could I use tstats and still incorporate the above fields and lookups...
Hello Splunk members! I have a CSV Lookup file with 2 columns ClientName HWDetSystem BD-K-027EY VMware I have an index with ASA Firewall log which I want to search...
...he lookup data. I wanted to run the whole thing in the "background" so that the users do not have to run it as a search string. I also tried to use calculated fields to build one from two field...
...hould be 2 ]
If any of these 2 fields value is matching with the lookup hostname, then it should be considered. I tried rename command. Please provide your inputs..
I'm trying to format a search in which I have a lookupwith one column, this column includes malicious email addresses, "indicator" is the field. Now I would like my search to return any events t...
I have users.csv as a lookup file with almost 20K users. I'm writing a query for authentication events for a specific time range for all these users. CSV file has only one column with t...
...bsp; I can't seem to figure out how to go about this. I have no problem breaking apart the multivalue and rejoining it, I just can't figure out how to do a lookup that falls within a two fields... R...