×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
paoli28
Observer
Member since: ‎11-23-2022
‎12-06-2022
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎11-23-2022
View All

Re: Db-Sources-Why am I getting CSV Duplicated Rec...

by in Getting Data In
‎11-29-2022 02:26 PM
‎11-29-2022 02:26 PM
Thanks for the reply. Yes, the duplicates have different indexed time. Does this index change if I recreate my file each day? Because every time i extract from the DB the file is recreated with the new information, i mean i'm recreating the file not append on it. How can i change that indexed time?  Sorry if i'm asking something super basic, i am new in all of these and thanks for the help. ... View more

Db-Sources-Why am I getting CSV Duplicated Records...

by in Getting Data In
‎11-29-2022 07:51 AM
‎11-29-2022 07:51 AM
Hi! I'm starting with Splunk, so i really appreciate some help cause i've been stucked several weeks. I have a CSV file which its source is DB2, when i search in splunk the same query as in DB2, i can see i'm getting duplicated information in splunk. Example: in DB2 my query is select * from table where field=value and in splunk i'm doing  ((index="index1")(sourcetype="csv")(source="file.csv"))  | where field="value" | table field1 field2 field3 field4  Does anyone know what is happening or how can i solve this? I really don't want to use dedup because i may not be able to see how the data is changing after day. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎12-06-2022 11:34 PM