Merging rows with same values

keishamtcs · ‎09-13-2015

Hi Guys,

Need help on merging data. i have two columns ( first and second) which has the same value but instead of showing two different lines, i need to show to only one value for these columns while the 3rd and 4th column remains as individual rows. Please let me know how to resolve this.

StorageArray_serialNumber   TotalPorts  LinkStatusType  StorageArray_Port_topology
92213279                      16                   8                 Link Failure
92213279                      16                 8               LinkUp(F_Port Connected)

My desired output.

StorageArray_serialNumber   TotalPorts  StorageArray_Port_topology  LinkStatusType
                                                     Link Failure            8
92213279                      16       -----------------------------------------------------------
                                                    LinkUp(F_Port Connected)       8                
                                        ----------------------------------------------------------------

somesoni2 · ‎09-14-2015

Try something like this

your current search with first output | stats list(*) as * by StorageArray_serialNumber, TotalPorts

Merging rows with same values

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms