Splunk Search

How to do a lookup on multiple values in a text file on an HTTP URL?

vivekriyer
Explorer

I have a requirement to be implemented in Splunk.

Facts:
I am a newbie to Splunk.

Problem Statement:
a. There is a text file in an http url that contains space delimited values (similar to a fixed length file).

b. The requirement is to do a lookup on this url, then load the values onto an index (these values get updated frequently and without notification).

c. Searched this community and the documentation, but couldn't quite find an answer.
https://answers.splunk.com/answers/69000/external-file-lookup-is-failing-possible-due-to-a-character...
https://answers.splunk.com/answers/10463/example-of-doing-an-external-lookup-using-http-get-or-post....
http://docs.splunk.com/Documentation/Splunk/6.1.4/Knowledge/Addfieldsfromexternaldatasources

d. Have considered using external_lookup.py (but doesn't accept a http url,that provides a text response, as an input)

e. I am not great inPython and need a quick turnaround.

Please advise the best solution for this scenario

0 Karma
1 Solution

woodcock
Esteemed Legend

vivekriyer
Explorer

Thank you for the quick reply. I will try this out and update this thread. Appreciate the help.

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...