Solved: how to get string values into column values dynami...

shivareddysompa · ‎07-07-2020

hi,

i have data like below. i want to string into column values then need to join with my query.

System effected Region

a:b:c;d;e;f India

i need like below.

system effected Region

a India

b India

c India

d India

e India

f India

Thanks in advance

richgalloway · ‎07-07-2020

| makeresults | eval _raw="System     effected_Region
a:b:c;d;e;f  India" | multikv forceheader=1
`comment("Above just sets up test data")`
| eval System=split(System,":") | mvexpand System 
| eval System=split(System,";") | mvexpand System

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway · ‎07-07-2020

| makeresults | eval _raw="System     effected_Region
a:b:c;d;e;f  India" | multikv forceheader=1
`comment("Above just sets up test data")`
| eval System=split(System,":") | mvexpand System 
| eval System=split(System,";") | mvexpand System

---
If this reply helps you, Karma would be appreciated.

how to get string values into column values dynamically

using Splunk Enterprise

Modern way of developing distributed application using OTel

Enterprise Security Content Update (ESCU) | New Releases

Archived Metrics Now Available for APAC and EMEA realms