Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Rename columns

deanamite91
Explorer
‎09-23-2015 08:00 AM

I have the following search string

index="commercial_performance" "Efficiency Variance *" OR "Intervention Variance *" OR "Entitlement Variance *" | stats sum(Value) AS "Total" by Cat1 | addcoltotals labelfield=Cat1 label="Total (£)"

On my graph the Efficiency Entitlement and Intervention Variance columns say 'Efficiency Variance (\xA3)' when I want them to say 'Efficiency Variance (£)'.

I have tried renaming them but no luck.

Tags (2)
0 Karma
Reply

gcato
Contributor
‎09-23-2015 02:21 PM

Hi deanamite91,

Just use the "rename" command to rename your column headers.

... | rename "Efficiency Variance (xA3)" AS "Efficiency Variance (£)" ...<and so on>...
0 Karma
Reply

deanamite91
Explorer
‎09-24-2015 01:06 AM

I've tried using rename and it doesn't work.

0 Karma
Reply

deanamite91
Explorer
‎09-24-2015 01:38 AM

The field is Cat1 and the values within it are Efficiency Variance (\xA3), Intervention Variance (\xA3) and Entitlement Variance (\xA3)

0 Karma
Reply

gcato
Contributor
‎09-24-2015 03:08 PM

I suggest either the sed or the replace() commands. For example,

... | rex mode=sed "s/xA3/£/g"

OR

  ... | eval Cat1 = replace(Cat1, "xA3", "£")
0 Karma
Reply
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

REGISTER NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If ...

Observability | Use Synthetic Monitoring for Website Metadata Verification

If you are on Splunk Observability Cloud, you may already have Synthetic Monitoringin your observability ...

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...