Lookups for the Splunk Add-on for Unix and Linux¶
The Splunk Add-on for Unix and Linux contains the following lookup files:
| File Name | Description |
|---|---|
nix_da_update_status.csv |
Maps sourcetypes to required update status. |
nix_da_version_ranges.csv |
Maps sourcetypes to OS-provided version information. |
nix_linux_audit_action_object_category.csv |
Maps operations (op) to category and action for Linux audit logs. |
nix_linux_service_startmodes.csv |
Maps Linux services to their configured start modes. |
nix_vendor_actions.csv |
Maps vendor_action and action for security logs. |