Monitoring Splunk
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

display first column against nth column

janhvi23
Loves-to-Learn
‎05-28-2023 09:51 AM

Hello All,

 

I have a log file which looks like below and I want to display in Time against the segment size
(where first column which is date and the column "SEGSZ" column value against time.)

can anyone help me with a query.

T ID KEY MODE OWNER GROUP CREATOR CGROUP NATTCH SEGSZ CPID LPID ATIME DTIME CTIME
28-05-2023 00:00:00 AM;IPC status from <running system> as of Sun May 28 00:00:02 MEST 2023
m 16779859 0 --rw------- prxm2 tuxedo prxm2 tuxedo 3 1472 57944 57954 2:12:42 2:12:42 2:12:42
28-05-2023 00:00:00 AM;Shared Memory:
m 16779801 0 --rw------- prxm2 tuxedo prxm2 tuxedo 365 156068 57942 60092 4:00:42 4:00:42 2:12:42
28-05-2023 00:00:00 AM;m 16779844 0 --rw------- prxm2 tuxedo prxm2 tuxedo 16 4592 57943 60483 6:00:01 6:00:01 2:12:42
m 16779771 0 --rw------- prxm2 tuxedo prxm2 tuxedo 3 6152 57940 57950 2:12:42 2:12:42 2:12:42
28-05-2023 00:00:00 AM;m 16779786 0 --rw------- prxm2 tuxedo prxm2 tuxedo 3 1472 57941 57951 2:12:42 2:12:42 2:12:42
m 16779639 0 --rw------- prxm2 tuxedo prxm2 tuxedo 2 443769 57604 57719 2:12:39 no-entry 2:12:36
28-05-2023 00:00:00 AM;m 16779640 0 --rw------- prxm2 tuxedo prxm2 tuxedo 2 1048576 57604 57719 2:12:39 no-entry 2:12:36
m 16779465 0 --rw------- prxm2 tuxedo prxm2 tuxedo 2 1048576 57289 57447 2:12:33 no-entry 2:12:30

Labels (1)
Tags (2)
0 Karma
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...