I am trying to figure out how to display all of the reverse matches in a list by each event. This would include showing the original event and all events that match with that event except for having the fields reversed. For example:

Foo Bar

would be displayed along with all reverse matches represented by:

Bar Foo

So if there were a thousand or so values, it would go down the list and find all reverse matches.

Foo Bar     | Bar Foo
            | Bar Foo
            | Bar Foo
-----------------------------
Hello There | There Hello
            | There Hello
-----------------------------
Src Dst     | Dst Src
            | Dst Src
            | Dst Src
            | Dst Src

I am not sure where to go from here (https://wiki.splunk.com/Deploy:Combine_bi-directional_network_logs). Using the example from this page, if I wanted to find bidirectional communications using these logs:

2007-09-14 10:54:58.130 0.896 TCP 216.129.82.250:2691 -> 209.104.58.141:80 3 144 1
2007-09-14 10:54:55.378 5.184 TCP 209.191.118.103:25 -> 209.104.37.200:26490 26 1453 1

I would want to search based on Source IP/Port and Destination IP/Port. I would be looking for matches based on those flipped values like:

<date> <time> <duration> <protocol> 209.104.58.141:80 -> 216.129.82.250:2691 <etc.>
<date> <time> <duration> <protocol> 209.104.37.200:26490 -> 209.191.118.103:25 <etc.>

Field names would be "src_ip", "src_port", "dst_ip", and "dst_port".
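One way to do the reverse matching described in the question outside Splunk, as an added example that is not from the post or the linked wiki page: parse lines in the flow format shown above into src_ip, src_port, dst_ip and dst_port, then look each event up under its flipped key so that unmatched events (like the SMTP line) list nothing. The sample flows are constructed for this example.

```python
import re
from collections import defaultdict

# Constructed sample flows in the layout of the question's example lines.
SAMPLE_LOG = """\
2007-09-14 10:54:58.130 0.896 TCP 216.129.82.250:2691 -> 209.104.58.141:80 3 144 1
2007-09-14 10:54:58.900 0.410 TCP 209.104.58.141:80 -> 216.129.82.250:2691 4 3012 1
2007-09-14 10:54:59.200 0.120 TCP 209.104.58.141:80 -> 216.129.82.250:2691 2 120 1
2007-09-14 10:54:55.378 5.184 TCP 209.191.118.103:25 -> 209.104.37.200:26490 26 1453 1
2007-09-14 10:55:01.000 0.300 UDP 10.0.0.5:53 -> 10.0.0.9:40000 1 80 1
"""

# date time duration protocol src_ip:src_port -> dst_ip:dst_port <counters>
LINE_RE = re.compile(
    r"^(?P<date>\S+) (?P<time>\S+) (?P<duration>\S+) (?P<proto>\S+) "
    r"(?P<src_ip>[\d.]+):(?P<src_port>\d+) -> (?P<dst_ip>[\d.]+):(?P<dst_port>\d+)"
)


def parse_flows(text):
    """Parse each log line into a dict carrying the four address fields plus the raw line."""
    flows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:  # lines that do not fit the expected layout are skipped, not guessed at
            flows.append({**m.groupdict(), "raw": line})
    return flows


def reverse_matches(flows):
    """Map each raw event to the raw events whose src/dst fields are the flip of it."""
    by_direction = defaultdict(list)
    for f in flows:
        by_direction[(f["src_ip"], f["src_port"], f["dst_ip"], f["dst_port"])].append(f["raw"])
    result = {}
    for f in flows:
        flipped = (f["dst_ip"], f["dst_port"], f["src_ip"], f["src_port"])
        result[f["raw"]] = by_direction.get(flipped, [])  # [] when no reverse match exists
    return result


if __name__ == "__main__":
    for event, matches in reverse_matches(parse_flows(SAMPLE_LOG)).items():
        print(event)
        for m in matches:
            print("    |", m)
        print("-" * 29)
```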