Re: How do I bring serial number in splunk

abhayneilam · ‎10-23-2012

Hi,

I have four line result as follows:

value1
value2
value3
value4

but I want the serial no. should be before each line as follows:

1 value1
2 value2
3 value3
4 value

When I export in .csv or .xlsx format. I should get my result along with serial no.

Please help

jawaharas · ‎01-05-2021

You can try 'Format'->'Row Numbers'.

Gilberto_Castil · ‎10-24-2012

If I understand your question, you want to have an incremental row number paired with your results. If this is the case, this is similar to this question and a similar answer applies.

The Splunk command you are looking for here is accum -which increments a field value by one.

index=blah sourcetype=blah blah | eval SNO=1 | accum SNO | table SNO Field1

It should be noted, however, that Splunk will show row numbers in a table by default. The numbering will begin at one (1).

srizan · ‎12-07-2018

This definitely helped me!

yannK · ‎10-23-2012

Do you mean serial order or serial number ?

In Splunk the the order is chronological, based on the timestamp.
Or i you want you own order, in your logs, add a columns with an incrementing number.

abhayneilam · ‎10-24-2012

I want to add a separate column which would contain the serial number with the incrementing number.

Please help me regarding this !!

Thanks in Advance
Abhay

How do I bring serial number in splunk

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

New in Observability Cloud - Explicit Bucket Histograms