Hello Splunkers,

Im constructing Eval field " user1" actually user field contain 5 digit number so i have to construct a EVAL field like

index= XXX| "xxxxx" |eval user1 = if((user_pin > 0), "user_pin", "Unknown") | table user1 user_pin

If "user1" field is 7 digit then in just return actual 7 digit number or else if it is string just say "null value"

EVAL-user = if((user1== 5 digit number ) "reportactull number ", "report null value ")

Please let me know