I have a customer that would like to use Splunk to search for a set of devices by their respective barcodes.
The devices (barcodes) will come from an external list that will be placed in a separate index. For this scenario, the separate index will be referred to as "index 2". Additionally, the barcodes from the external list (which reside in index 2) will need to be matched to their respective organizations.
These organizations reside in a separate index. For this scenario, the separate index (where the organization resides) will be referred to as "index 1".
In a nutshell, the customer would like to compare the list of barcodes in index 2 and compare it to index 1 and see if they match any organizations.
Finally, if the a barcode (index 2) matches an organization (index 1), the customer would like to list all information associated with the barcode (i.e. hostname, serial number, organization name, etc.) that matched the organization.
Thank you in advanced for your help! 🙂
... View more