Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
Warning

This app is archived. Learn more

MV-table app icon

MV-table

Custom command to generate table from multivalue events example for wsus data:

Built by
splunk product badge
screenshot
Latest Version 1.0.1
November 25, 2019
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
Rating

0

(0)

Log in to rate this app
Support
MV-table support icon
Not Supported
Custom command to generate table from multivalue events example for wsus data: | mvtable mvfields="kbnumber,arrival_date" keepfields="host,OS,_time" | table * mvfields: fields containing several values, cardinality of the first field in the list is assumed to be the desired number of output rows. keepfields: specify the single value fields to be retained on each resulting row. Example from the screenshot: | makeresults | eval kbnumber="1234 5678 9012" | eval arrival_date="2019.05.17 2019.05.17 2019.05.17 2019.05.17" | eval host="test" | eval OS="Windows 10" | eval kbnumber=split(kbnumber," ") | eval arrival_date=split(arrival_date," ") | mvtable mvfields="kbnumber,arrival_date" keepfields="host,OS,_time" | table *

Categories

Created By

Dominique Vocat

Type

addon

Downloads

681

Licensing

Splunk Answers

Resources

Log in to report this app listing