Fill Multiple values in a field

Jazzyb · ‎06-12-2021

I have some numeric values that is coming from job search results and the result is saved in tokens. These values are numeric. How can I make bar chart to see whether values are increasing or decreasing. Example

Value 1 = 100

value 2 = 200

value 3 = 300

Now, how can I assign multiple values to a field with the help of eval like this we do for single value

| eval new_field = “value1’’.. instead of one value I want to keep multiple values. Thanks

Jazzyb · ‎06-12-2021

thanks but this solves my half problem. The values are treated as string here and my values are numbers and based on these numbers, I will create a bar graph. These values are basically total count from csv files. Each file will generate a Total count and these counts are stored in token. And based on these token values I will create a bar graph. Also tonumber(string) does not convert the entire field to integer..

New_Field

100

200

300

So above will be the data. New_Field will have 3 values and I want to make graph based on these values..

ITWhisperer · ‎06-12-2021

Do you mean a multi-value field?

| eval new_field=mvappend(value1,value2,value3)

Or do you want separate events for each token value?

Fill Multiple values in a field

eval

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!