Solved: Display data in a table based on fields.

nikita012 · ‎07-10-2019

I have 3 fields in my table.
Store_id Minutes Date
1234 40 07/06
1232 50 07/07
1234 60 07/07
1232 70 07/06

I want to display the data in following manner:

Store_iD 07/06 07/07
1234 40 50
1232 70 60

Where the table has Minutes displayed based on the date for each store.

Can you please provide the query.

woodcock · ‎07-10-2019

Like add this to the bottom:

... | xyseries Store_id Date Minutes

View solution in original post

woodcock · ‎07-10-2019

Like add this to the bottom:

... | xyseries Store_id Date Minutes

jitendragupta · ‎07-10-2019

try this code:

<your base query> | table Store_id Minutes Date | chart values(Minutes) over Date by Store_id | transpose header_field=Date | rename column as Store_id

Display data in a table based on fields.

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

Join the Conversation