Solved: how to fetch upperbound value from Multi-value fie...

rsathish47 · ‎04-11-2014

Hi All,

I have multi-value field, I need to fetch last that mean upper bound value from Multi-value field. Length of the field will not be same ;(

Please help how to fetch upperbound value from Multi-value field.

Thanks
Sathish R

martin_mueller · ‎04-11-2014

Take a look at this:

| stats count | eval mv = "a b c d" | makemv mv | eval last = mvindex(mv, -1)

Calling mvindex(field, -1) will give you the last value regardless of length.

martin_mueller · ‎04-11-2014

Take a look at this:

| stats count | eval mv = "a b c d" | makemv mv | eval last = mvindex(mv, -1)

Calling mvindex(field, -1) will give you the last value regardless of length.

martin_mueller · ‎04-11-2014

That'll work as well, but is a bit harder to maintain and might run slower too 😛

rsathish47 · ‎04-11-2014

thanks Marty.. i used like mentioned below

eval sa=mvindex(test,mvcount(test)-1)

how to fetch upperbound value from Multi-value field