Solved: Re: Extract fields of CSV data source in Upper cas...

rashi83 · ‎06-10-2019

I have a CSV file with region , status , hostname as Columns - field extraction works and gives them as region , status and hostname. Instead I want extraction to work like "Region " "Hostname " Status".

Is there any setting in source type advance to achieve this?

jnudell_2 · ‎06-10-2019

Hi Rashi83,

I think it would help if you told us why you want to have the field names from the CSV in proper case. In the end, it's not really going to matter, because you can always rename the fields at search time: | rename region as Region, status as Status, hostname as Hostname

If you're only concerned about how it will appear in search results or a report, then use rename at search time.

View solution in original post

jnudell_2 · ‎06-10-2019

Hi Rashi83,

I think it would help if you told us why you want to have the field names from the CSV in proper case. In the end, it's not really going to matter, because you can always rename the fields at search time: | rename region as Region, status as Status, hostname as Hostname

If you're only concerned about how it will appear in search results or a report, then use rename at search time.

somesoni2 · ‎06-10-2019

How have you extracted fields? Do you have control on changing the CSV headers?

rashi83 · ‎06-10-2019

no I do not have control on CSV .

Field extraction was done automatically when I choose sourcetype = CSV

Extract fields of CSV data source in Upper case

Admin Your Splunk Cloud, Your Way

Cloud Platform | Discontinuing support for TLS version 1.0 and 1.1

New Customer Testimonials