Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Adding a blank row to the output

arunkuriakose0
Engager
‎02-21-2021 09:07 PM

Hi Team

 

How can we add a blank row to the output. I have a search followed by some outputs in table format. I want to add a blank row in start or any where in the column .

index=*  Event Code=4624 Logotype=8  earliest=-d@d latest=@d | top user | appendpipe [|head 1 | for each * [eval new=""]] 

 

Tried something like this which gave me a new row with name new. I just want to add a blank row in search results. Can some one help?

Thanks in advance

 

Labels (2)
Labels
0 Karma
Reply

tscroggins
Influencer
‎02-21-2021 09:44 PM

@arunkuriakose0 

appendpipe [ | makeresults ]

will add a row/event with only a _time value.

Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...