Nital
Reputation: 6114
How to remove a certain field from Splunk output
I am trying to remove a field from Search Result after running a command in Search Head on Splunk.
However as you can see in the following command that I am trying to run I see following error. I am quite new to Splunk and not sure what I need to do. Please guide.
Upvotes: 1
Views: 2993
Answers (1)
Akah
Reputation: 1920
I would suggest you to specify what you want as a result. The table command should help you :
xxxxxxxxxxxxxxxxxx |top DEPARTMENT | table DEPARTMENT,count
This way, you should only have the DEPARTMENT and count columns.
Upvotes: 3
Related Questions
- Extract data from splunk
- Conditionally remove a field in Splunk
- Splunk - display top values for only certain fields
- How to exclude a particular string from set of server logs
- Generate Splunk report with only extracted fields
- How to extract a field from a Splunk search result and do stats on the value of that field
- How to extract a value from fields when using stats()
- Splunk extracted field in dashboard
- Extracting certain fields from Splunk query results
- Splunk: Removing all text after a specific string in a column