Shakeer Hussain
Reputation: 2536
Splunk result in Table format
Can you please help how to return below splunk result into Table format.
Employer details name Jon smith empid:4538938
Employer details name Mac Stone empid:4538939
Employer details name David smith empid:4534458
splunk Output in table format
Name Empid
Jon smith 4538938
Mac Stone 4538939
David smith 4534458
Upvotes: 0
Views: 204
Answers (1)
Mads Hansen
Reputation: 66783
If you don't already have anything parsing the information into fields, then you could apply a regex with rex to extract data into fields, and then plot as a table with the table command:
| rex field=Message "Employer details name (?<name>.*) empid:(?<empid>\d+)"
| table name empid
Upvotes: 0
Related Questions
- Splunk search query to create a table from JSON search result
- Getting value from splunk search result to Email Alert Message
- Splunk query with conditions of an object
- Parse JSON array to table in Splunk
- Display result count of multiple search query in Splunk table
- Splunk Query - group events by fields in splunk
- Splunk - Create customized query for Splunk dashboard based on Input selection
- Splunk panel for calculating grater then operation
- Splunk data export using API
- How to write Splunk query to get first and last request time for each sources along with each source counts in a table output