Re: How to split up a row into multiple rows?

cris887 · ‎10-13-2022

Hi all,

I have a table with these fields -

Time/Date	Key	Robot	Process	Host	Status	Environment	Type
01.01.2022 12:30:00	Key 1 Key 2 Key 3	Robot 1 Robot 2 Robot 3	Process Claim Process Claim Process Claim	Host W Host X Host Y	Success Success Success	Production Production Production	Critical Critical Critical
01.01.2022 12:30:00	Key 4	Robot 4	Process Refund	Host Z	Success	Production	Critical
02.02.2022 11:30:00	Key 5	Robot 5	Process Tax	Host V	Failed	Non-Production	Minor

I want to split up the first row into three rows to show the data. Is there a way I can split these based on the Time/Date and the Process?

Ideally, I want to generate a new table like this -

gcusello · ‎10-13-2022

only one information: does the above table arrive from a search or or does it come as I can see?

if from a search, you have to modify your search to have the result you want, if it is as I see, you have to define some rule for the splitting.

Ciao.

Giuseppe

cris887 · ‎10-13-2022

I have modified my original post to make it clearer. I get these results from a search.

gcusello · ‎10-13-2022

if you could share your search, maybe I can modify it to split the values.

Ciao.

Giuseppe

cris887 · ‎10-13-2022

index=insurance source=* sourcetype=_json

| fields Time/Date, Key, Robot, Process, Host, Status, Environment, Type

How to split up a row into multiple rows?