Splunk Search
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How can I define different export fields set of the "FieldPicker" for different apps?

William
Path Finder
‎04-06-2010 05:02 PM

For example, I want to only display "host", "sourcetype" for an app A in the default search result of "Events Table", but only "source", "eventtype" for app B. How can I do this?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

William
Path Finder
‎06-01-2010 02:37 AM

the default fields set is defined by the viewstates.conf whose path is

$Splunk\etc\users\USER_NAME\APP_NAME\local\viewstates.conf

and it is controlled by the FieldPickers as follows

[flashtimeline:_current] FieldPicker_0_6_1.fields = ...

View solution in original post

Reply
Solved! Jump to solution

William
Path Finder
‎06-01-2010 02:38 AM

yes. i have found the answer. thanks.

0 Karma
Reply
Solved! Jump to solution
Solution

William
Path Finder
‎06-01-2010 02:37 AM

the default fields set is defined by the viewstates.conf whose path is

$Splunk\etc\users\USER_NAME\APP_NAME\local\viewstates.conf

and it is controlled by the FieldPickers as follows

[flashtimeline:_current] FieldPicker_0_6_1.fields = ...

Reply
Solved! Jump to solution

jrodman
Splunk Employee
Splunk Employee
‎04-20-2010 07:17 PM

Are you talking about having a set of default selected fields by app?

0 Karma
Reply
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureThursday, March 27, 2025  |  11AM PST / 2PM EST | Register NowStep boldly ...

Splunk AppDynamics with Cisco Secure Application

Web applications unfortunately present a target rich environment for security vulnerabilities and attacks. ...
Top