Hi Splunk professionals, I am new to field lookup and read the documentation about it. But I am still not sure how can I implement it with my data.
I have the weather data of many locations and example of my data is displayed below. How can I use a field lookup to check if summary is cloudy, fishing is Good, else if summary is Rain, fishing is Poor. How can I start with field lookup ? Any advises ?
Area: Woodlands
Summary: Rain
Latitude: 1.44043052
Longitude: 103.7878418
I would like to do something like this.
If that's the only thing you'd want to do I'd go with eval
and case
instead. That said, this is core lookup functionality - lookup one value, output another - so I'm not sure what the docs aren't explaining.
I was having a hard time getting it to work, then eventaully I realized that I had a few commas in some of my fields that I was looking up. Once I got rid of those and made sure my table was good it worked well.
If that's the only thing you'd want to do I'd go with eval
and case
instead. That said, this is core lookup functionality - lookup one value, output another - so I'm not sure what the docs aren't explaining.
Thanks ! I am not very sure about case (will study it tmr), but can it do like what the picture in the updated question ? Will look at it tmr morning, need to get to bed.