cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
silviuchiric76
New Member
Member since: ‎01-29-2020
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎01-29-2020
View All

Re: How to combine information from 2 different so...

by in Splunk Search
‎01-29-2020 04:17 AM
‎01-29-2020 04:17 AM
I am interested for an inner join after email.users_with_email = eea:loghandler.user ... View more

How to combine information from 2 different source...

by in Splunk Search
‎01-29-2020 04:06 AM
‎01-29-2020 04:06 AM
Dear all I have 2 data sources: logs forwared to the server as : sourcetype=eea:loghandler and lookup definition file as users_with_email file called users_with_email.csv I have a key field in both sources the same: in sourcetype=eea:loghandler is called user with values like firstname.lastname@domain.com and in lookup definition file I have email field, same value firstname.lastname@domain.com and this is the case for all users I need to get an aggregated reports of users from sourcetype=eea:loghandler by joining the department field from lookup definition file users_with_email(users_with_email.csv) When I try to make an OR: sourcetype=eea:loghandler OR inputlookup users_with_email got no results ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM