×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
zewashere
New Member
Member since: ‎03-10-2023
‎03-10-2023
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎03-10-2023
Activity Feed
View All

Re: Matching value inside a lookup with wildcard.....

by in Splunk Search
‎03-10-2023 08:31 AM
‎03-10-2023 08:31 AM
one last things, i need to use wildcards for the search... the field src_light can have value like "dark yellow" or "deep red" and these colors need to match. ... View more

Matching value inside a lookup with wildcard?

by in Splunk Search
‎03-10-2023 08:27 AM
‎03-10-2023 08:27 AM
Hello, i'm new to Splunk and i need some advices. I've created a lookup named my_color_lookup, with 2 column : color,danger red,high yellow,medium green,low Then my base search is : sourctype=foo AND customer_id=520. This search returns me a quantity of event and has several fields. One of these fields is src_light. I want to create a new field "risk_level" in my event if src_light match with one color inside my lookup, i want my search to - add a value low or medium or high in the new field risk_level,  - leave the field risk_level if ther's no matching. Thanks for your help and suggestions ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎03-10-2023 12:05 PM