×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
jkoepsell
Engager
Member since: ‎11-03-2010
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎11-03-2010
Activity Feed
View All

How can I associate and display uncollected user d...

by in Splunk Search
‎11-03-2010 06:11 PM
1 Karma
‎11-03-2010 06:11 PM
1 Karma
Hello, When performing a search, can Splunk perform a DB2 database lookup of uncollected user data, associate it with logged user data and display both logged and unlogged user data in the search results? Could somebody please explain how I go about doing this? For example, we have Splunk currently set to log a subset of user information data: UserName and ContractNumber. When performing a search in Splunk, we would like the results to associate additional user data contained in our DB2 server (e.g., FirstName & LastName), with the data collected by Splunk and display all data in the search results (e.g., UserName, ContractNumber, FirstName & LastName). Can anybody point me in the direction of any tutorials, sample queries / programs or sagely Splunk gurus out there that can help figure this out? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:02 AM
Karma from
View All