cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
skyelowryvancit
Explorer
Member since: ‎08-30-2019
‎10-14-2021
Community Statistics
Posts 7
Solutions 0
Karma Given 3
Karma Received 1
Member Since ‎08-30-2019
Activity Feed
View All

Re: ip location and microsoft/google

by in Splunk Search
‎01-26-2021 02:03 PM
‎01-26-2021 02:03 PM
Even the code you have for that move from the JSON to CSV would be great. I think I might try to make an app that does this activity, and updates a lookup for all the cloud providers. Yes, MS does make it confusing often, there might be fewer use cases than I imagine with the data set. Good to start digging though. If you do a linkedin article post the link 🙂  ... View more

Re: ip location and microsoft/google

by in Splunk Search
‎01-26-2021 11:03 AM
‎01-26-2021 11:03 AM
Just what I am looking for! Can you share any of your code for the creating the lookup table from the JSON? ... View more

Re: How to a merge value and a field name from two...

by in Splunk Search
‎08-17-2020 06:54 PM
‎08-17-2020 06:54 PM
this had my hopes up while I used it to fit my use case. Came back and saw the rest of the thread.  Slowly dying inside. ... View more

Re: Network Tool Kit Bulk Port Check

by in All Apps and Add-ons
‎01-20-2020 12:34 PM
‎01-20-2020 12:34 PM
Also bulk whois from ...|lookup whois host as host_to_lookup Currently the response is an empty table with no content, The whois is performed and the results end up in index=main (even though nettools is the index specified in Configuration). Not sure if this is a similar oversight or a different issue. ... View more

Re: Resource/guide sought for ProofPoint TRAP [Thr...

by in Getting Data In
‎10-31-2019 11:20 AM
1 Karma
‎10-31-2019 11:20 AM
1 Karma
I am also looking for this, Any updates from Proofpoint on this one? ... View more

Re: Using |lookup whois on domain name

by in All Apps and Add-ons
‎10-15-2019 10:40 AM
‎10-15-2019 10:40 AM
I was only using the table to illustrate my problem. My issue is that whois query will work when called by |lookup whois using the IP address, but not the Hostname. Hostname only works when using |whois and not |lookup whois ... View more

Using |lookup whois on domain name

by in All Apps and Add-ons
‎10-10-2019 03:15 PM
‎10-10-2019 03:15 PM
I have a lookup table ipn1.csv src_ip,hostname 54.69.58.243,splunk.com 172.217.14.206,google.com When I run: | inputlookup "ipn1.csv" | lookup whois host as src_ip (lookup whois information based on the IP address) I get information populated from the whois search When I run: | inputlookup "ipn1.csv" | lookup whois host as hostname (lookup whois information based on the domain name) no information is populated. In my use case, I want to take a domain name from a search and lookup the creation_date but I cannot seem to get results. When doing |whois splunk.com it works perfectly, just not within a runtime search. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎10-14-2021 03:35 PM
Karma from
View All
Karma given to