Skip to content

M-u-S/SA-LookupUpdate

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README
README
 
 
bin
bin
 
 
default
default
 
 
metadata
metadata
 
 
static
static
 
 
.gitattributes
.gitattributes
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

SA-LookupUpdate

This SA provides a custom search command which updates lookup file from the staging directory $SPLUNK_HOME/var/run/splunk/lookup_tmp. The new lookup file MUST follow this naming convention:

<appname>_<lookupfilename.csv>

Install:

Install as usual in the Splunk web or copy into $SPLUNK_HOME/etc/apps

Configure:

Nothing to see here, move along.

Debug

Debug option can be enabled in the script handler LookupUpdate.py by changing myDebug = no to myDebug = yes.

Support

This is an open source project, no support provided, but you can ask questions on answers.splunk.com and I will most likely answer it. Github repository: https://github.com/M-u-S/SA-LookupUpdate

I validate all my apps with appinspect and the log can be found in the README folder of each app.

Running Splunk on Windows? Good Luck, not my problem.

Version

5. April 2019 : 0.0.1 / Initial

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

4 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages