hi there,
i'm very new to splunk and not much experience yet. the splunk-answers are great and helped me a lot. but in the following situation i have no idea how to solve this problem.
i have two searches, which give me a list of ip-addresses as a result. i want to list the ip-addresses of the two searches, each in a column, and the delta between the two in a third column.
search string #1
src_mac_vendor="nexans deutschland gmbh ans" sourcetype=dhcpd dhcp_message="DHCPACK" src_mac_prefix="00:c0:29" | dedup src_ip
search string #2
sourcetype=syslog host=* | rex ".*\d]\s(?<Switch>S[2-3].*)\s:\s" | dedup Switch
thanks for your help!!!
... View more