Hi,
I want to dynamically include macros in search depending on the eval statements. I want to acheive something like
.... | eval temp = if (condition, macro1, macro2) | further processing.
Is it possible to achieve in Splunk?
Thanks, Vishal
Hi vganjare,
no, I think it is still not possible, but you can build an eval based macro http://docs.splunk.com/Documentation/Splunk/6.2.1/Search/Usesearchmacros
something like this:
if($arg1$=="condition","true","false")
cheers, MuS
View solution in original post
