×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
kimle
Engager
Member since: ‎11-21-2019
‎06-05-2020
Community Statistics
Posts 2
Solutions 1
Karma Given 0
Karma Received 0
Member Since ‎11-21-2019
Activity Feed
View All

Re: Why is CSV data with multiple values in one ce...

by in Splunk Search
‎11-22-2019 03:02 PM
‎11-22-2019 03:02 PM
I found a solution to my issue. I found an article abut fields.conf from https://docs.splunk.com/Documentation/Splunk/8.0.0/Knowledge/ConfigureSplunktoparsemulti-valuefields Using what suggested in the docs, I created fields.conf file in $SPLUNK_HOME/etc/system/local/. In this file, I added [my_fieldname] TOKENIZER = \S+ You can create a regex pattern to look to IPs, but in my case all of my IPs are separated by space, so I used the regex to get anything that is not non-whitespace and did the trick! Thanks everyone for helping! : ) ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM