Hello,
I am trying to create a Splunk search where I have a user add a string of text into a text input and have it go through a python string and submit the string to Splunk and give the results?
I have a search where | inputlookup FSinfo.csv | where Site_Code="AXXA43A"
and I get the most of the information I need but it will give me a lot of extra rows that have the same site code. But I am having issues if I don't put them in all caps it wont work either. Is there a way to fix this or would the Python script to make it all caps just be the easier route.
How do you get a Python user input string to work in Splunk? And how would I create a dashboard with just lookup table information?
Thanks for the help and time.
Respectfully,
Spider Splunk Man 😄
Instead of using the "where" command use the "search" command.
| inputlookup FSinfo.csv | search Site_Code="aaax43a"
I used this instead. That way I could do both upper and lower case when looking through the lookup table. I think with the python script you have to install or use and API to do it.
No worries found out what I could do.
Great. Would you mind sharing the solution (at least the approach) with the community so that other community members with similar requirement can benefit from it?