Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Adding a blank row to the output

arunkuriakose0
Engager
‎02-21-2021 09:07 PM

Hi Team

 

How can we add a blank row to the output. I have a search followed by some outputs in table format. I want to add a blank row in start or any where in the column .

index=*  Event Code=4624 Logotype=8  earliest=-d@d latest=@d | top user | appendpipe [|head 1 | for each * [eval new=""]] 

 

Tried something like this which gave me a new row with name new. I just want to add a blank row in search results. Can some one help?

Thanks in advance

 

Labels (1)
Labels
0 Karma
Reply

tscroggins
Influencer
‎02-21-2021 09:44 PM

@arunkuriakose0 

appendpipe [ | makeresults ]

will add a row/event with only a _time value.

Reply
Get Updates on the Splunk Community!

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Feel the Splunk Love: Real Stories from Real Customers

Hello Splunk Community,    What’s the best part of hearing how our customers use Splunk? Easy: the positive ...

Data Management Digest – November 2025

  Welcome to the inaugural edition of Data Management Digest! As your trusted partner in data innovation, the ...