Re: delete events that have a certain field empty?

halperkins · ‎11-08-2012

how can i delete the events for which the field is empty?

thanks

EDIT:
btw, i do not want to do the "delete" command which would delete the data from the actual server. I just want it removed from the search result

martin_mueller · ‎11-09-2012

In order to remove events from the search result when field is empty you could just add field=* to your search.

martin_mueller · ‎11-15-2016

field=* means "field is anything but empty".

horsefez · ‎11-14-2016

@martin_mueller
How is this right?
For my understanding this means the fields value could by anything.

sowings · ‎11-08-2012

| where isnull(<field>)

gfrjonp · ‎11-08-2012

source= | where isnull(B)

sirisk · ‎11-14-2016

It worked for me

delete events that have a certain field empty?