This is a .csv file.

lanying · ‎10-17-2011

In a dashboard, calling a csv file query. Then I want to insert a present login account*(UserAccount)*.
How can I get a connected account at present?

=================================================

This is a .csv file.

UserAccount,OrgCode,EventName,"ATTACK_TYPE",AttackerIP,AttackerPort,VictimIP,VictimPort

admin,abc,"attack-web-02-sql-injection-get-or.05093001@",hacking,"1.1.1.1",32923,"1.1.1.1",80

Ayn · ‎10-18-2011

A way of accessing the name of the currently logged in user in a search? I'm pretty sure there's currently no straightforward way of doing that. What you COULD do is write your own custom command which gets the username from the session token, and then returns it so you can use it in your search. Have a look at southeringtonp's answer discussing the details of this in the following question: http://splunk-base.splunk.com/answers/23504/determine-currently-logged-in-username

lanying · ‎10-18-2011

If I login splunk web with a "test" account, I'd like to get the account information(test) by a search query.(http://localhost:8000 ID:test, PW:111)

Ayn · ‎10-17-2011

I'm not sure what you're asking for.

You have your csv file, you have a field with the UserAccount that shows...something (logged in user on 1.1.1.1 at the time of attack? User that created this CSV report?) but you want to show UserAccount in some other way. Please give us more details on this one.

How can I get a connected account at present?

This is a .csv file.

admin,abc,"attack-web-02-sql-injection-get-or.05093001@",hacking,"1.1.1.1",32923,"1.1.1.1",80

Welcome to the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Adoption of RUM and APM at Splunk