Hello guys, I am trying to find a way to get the data in a record in the following manner to get i a table output in splunk . The data in the record is as follows
os_repo_status: last-update-result: [2018-01-25 18:53:14] {success} System update completed successfully
: remote-trigger: 1_per_hour UCMPROXY/tomorrowland-patching/os-update-trigger/FQHOST
: reboot-eligible: true
: next-update: NO_SCHEDULE
: update-eligible: true
: updates-available: false
I want to get the Fields "upadtes-available" field under the "os_repo_status" in the above list in a table output
my basic search is " | inputlookup mdbstaticlooup Where ....... | table os-repo-satus| "
i am not able to see anything in the os-repo-field in the table section.
Can any one Please help me in getting this solved .
So the above data is one single or multiple rows of your search | inputlookup mdbstaticlooup Where ....... | table os-repo-satus
?