Hi Splunkers, I have an issue witha search that usealookup. I know here on community there are a lots of post on this argument, but event reading them I'm still in struck. My search must simple m...
I have two lookups. One consists of the allowed URLs. The other consists of the URLs from a firewall. For example in the first google.com
dummy.com In the s...
I am running a search job to view Vulnerability results/data. The search runs every week Saturday evening. I want to dump the results into alookup file which will run automatically e...
...Dashboards etc.
The bit that has me stuck is lookups. We have a number of lookups that define things like alert thresholds, etc. ATM, these are all set up in a centralized fashion withall c...
I want to usea database lookup to populate a Pulldown module.
Is there a way to output the contents of a database lookup? Witha static CSV file lookup, I can use | inputlookup filename.csv a...
...History.
Use "Sideview Util -The Lookup Updater" to add/update data (data is not deleted) in base CSV lookup file. All changes (add/updated) should go to lookupHistory index with updated t...
Splunk doc says, Expected Views list specifies Splunk Enterprise Security views that are monitored on a regular basis. But what are these views monitored for ? What do I need to a...
Hi There,
I am currently looking at a search within Splunk Security Essentials (Concentration of Attacker Tools by Filename).
The search mentions a file named "tools.csv", which I assume is a l...
Hi,
for some reason I'm not able to read uploaded csv files (in this case lookupA.csv) in the Lookup File Editor. The app never completes "Loading lookup file".
Using
| inputlookup lookup...