Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

How do I hide a column in a table?

dgomonov
New Member
‎12-06-2018 09:05 AM

Imagine a scenario where I need to have a hidden column in my table to serve a passing functionality.

Example:

  1. I create a second column (let’s call it XYZ) with the appropriate whichever text (using replace, lower, etc) to be passed into URLs with $click.XYZ$
  2. I can use now 'condition.. ' inside of 'drill down' to specify that I actually want my first column ABC to be clickable ('field=ABC') and serve the passing functionality.
  3. How do I hide now second XYZ column? - Please be specific code wise how to do it

Thanks!

0 Karma
Reply

jpolvino
Builder
‎12-06-2018 12:56 PM

Just to make sure I understand, you have a dashboard panel with a stats table. The table has columns fieldA, fieldB, fieldC, fieldD and you want to use the value in fieldC, but not display that column in the stats table. This might be for a key you don't want to display, but use as part of a drilldown.

One way to do it:

  <table>
    <title>Your title here</title>
    <search>
      <query> (your search here) | table fieldA fieldB fieldC fieldD </query>
      <earliest>-1d@d</earliest>
      <latest>now</latest>
    </search>
    <option name="count">10</option>
    <option name="drilldown">row</option>
    <option name="rowNumbers">false</option>
    <fields>fieldA,fieldB,fieldD</fields>
    <drilldown>
      <set token="clientTok">$row.fieldC$</set>
      <set token="forms.clientTok">$row.fieldC$</set>
    </drilldown>
  </table>

The query should output all the fields you want to display, plus the one you want to hide. I just used table as an example, but you likely already have them listed by stats or something similar. The fields section controls fields that you want to see in the panel. The token clientTok can then be used in other panels, such as the target panel, using the $clientTok$.

Reply

Amiel_
Engager
‎06-29-2022 04:47 AM

Work perfectly !

0 Karma
Reply

hijacob
Communicator
‎12-06-2018 10:02 AM

Hi,

try this command...
| fields 'list of fields you want to be displayed'

Greetings,

Jacob

Reply

hijacob
Communicator
‎12-06-2018 11:16 AM

besides you can try
|fields - XYZ column

Reply

rdownie
Communicator
‎12-06-2018 12:49 PM

or
.... | fields - 'list of fields you want to exclude'

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

Hello Splunkers,  We’re excited to kick off a Splunk Dashboard contest! We know that dashboards are a primary ...

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...

Network to App: Observability Unlocked [May & June Series]

In today’s digital landscape, your environment is no longer confined to the data center. It spans complex ...