Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How do I bring serial number in splunk

abhayneilam
Contributor
‎10-23-2012 09:33 AM

Hi,

I have four line result as follows:

value1
value2
value3
value4

but I want the serial no. should be before each line as follows:

1 value1
2 value2
3 value3
4 value

When I export in .csv or .xlsx format. I should get my result along with serial no.

Please help

Tags (4)
Reply

jawaharas
Motivator
‎01-05-2021 05:14 PM

You can try 'Format'->'Row Numbers'.


jawaharas_0-1609895521463.png

 

 

0 Karma
Reply

Gilberto_Castil
Splunk Employee
Splunk Employee
‎10-24-2012 07:00 AM

If I understand your question, you want to have an incremental row number paired with your results. If this is the case, this is similar to this question and a similar answer applies.

The Splunk command you are looking for here is accum -which increments a field value by one.

index=blah sourcetype=blah blah | eval SNO=1 | accum SNO | table SNO Field1

It should be noted, however, that Splunk will show row numbers in a table by default. The numbering will begin at one (1).

Reply

srizan
Path Finder
‎12-07-2018 11:32 AM

This definitely helped me!

0 Karma
Reply

yannK
Splunk Employee
Splunk Employee
‎10-23-2012 08:47 PM

Do you mean serial order or serial number ?

In Splunk the the order is chronological, based on the timestamp.
Or i you want you own order, in your logs, add a columns with an incrementing number.

Reply

abhayneilam
Contributor
‎10-24-2012 05:13 AM

I want to add a separate column which would contain the serial number with the incrementing number.

Please help me regarding this !!

Thanks in Advance
Abhay

0 Karma
Reply
Get Updates on the Splunk Community!

Good Sourcetype Naming

When it comes to getting data in, one of the earliest decisions made is what to use as a sourcetype. Often, ...

See your relevant APM services, dashboards, and alerts in one place with the updated ...

As a Splunk Observability user, you have a lot of data you have to manage, prioritize, and troubleshoot on a ...

Splunk App for Anomaly Detection End of Life Announcement

Q: What is happening to the Splunk App for Anomaly Detection?A: Splunk is officially announcing the ...
Top