Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Remove Header column outputcsv

efelder0
Communicator
‎11-04-2011 08:17 AM

Is there a way to remove the Header column row after performing the outputcsv command during a Splunk search?

Reply
1 Solution
Solved! Jump to solution
Solution

Rob
Splunk Employee
Splunk Employee
‎01-19-2012 10:27 AM

I don't thing there is any way to remove the header by using a Splunk command that would remove it from the csv file generated by the outputcsv command. Your best bet would be to run a clean up script that removes the header info after the file is generated.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

Rob
Splunk Employee
Splunk Employee
‎01-19-2012 10:27 AM

I don't thing there is any way to remove the header by using a Splunk command that would remove it from the csv file generated by the outputcsv command. Your best bet would be to run a clean up script that removes the header info after the file is generated.

0 Karma
Reply
Solved! Jump to solution

responsys_cm
Builder
‎07-05-2012 03:54 PM

Can we get this feature added as an option to the outputcsv command? I have some tools that use CSV files for configs and it would be nice if Splunk could keep them dynamically updated.

0 Karma
Reply
Solved! Jump to solution

Starlette
Contributor
‎11-13-2011 08:01 AM

2 options :

1)
Save a NOT search as macro to catch the lines and prefix this in your main search

2)
Get rid of them before indexing ( best option)

Check this , and scroll for the sedcmd

The regex should be pretty easy,,just the first range of characters, let me know if you succeed, otherwise paste a sample and the header...

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...