SplunkAnswers
P
ravi sankar
Posted on 20th April 2024
We can join two searches with no command fields by creating a field alias so both the externalid and _id can map per a distinct field. Later you can utilise that field during the searches.
If you want to learn more about this you can go through this blog Splunk Search Commands.
Write your answer
STILL GOT QUERIES?
Get a Live FREE Demo
- Explore the trending and niche courses and learning maps
- Learn about tuition fee, payment plans, and scholarships
- Get access to webinars and self-paced learning videos