Hi!
I have a table created with Splunk search with the name of the site and projects with due dates that looks like this:
| SITE | MARCH | APRIL | MAY |
| site1 | project1 | | project2 |
| site2 | project2 | | |
| site3 | | project3 | |
some projects are past due and some are in good standing. to determine whether it is past due i simply do an eval statement:
|eval past_due=if(strptime(task_duedate,"%Y-%m-%d") < relative_time(now(), "@d"),1,0)
Other projects are in good standing. Can I color code the fields with project that are past due with red, and projects that are good standing green?
Thank you!
