Solved: How to convert values in a table column to column ...

trunghung · ‎02-25-2016

I have a stats table like this

Header1......Error....Count
0-24hr..........1a..........1
0-24hr..........2a..........2
0-24hr..........3a..........3
24-48hr........1a..........4
24-48hr........2a..........5
24-48hr........3a..........6

and I'd like to transform it into a table like this and I'd like to sort it by one of the columns (for example 0-24hr column)

Error 0-24hr 24-48hr
1a..........1..........4
2a..........2..........5
3a..........3..........6

How would I do that? thank you very much

martin_mueller · ‎02-25-2016

Append this to your search:

... | xyseries Error Header1 Count

View solution in original post

martin_mueller · ‎02-25-2016

Append this to your search:

... | xyseries Error Header1 Count

martin_mueller · ‎02-25-2016

Something like this:

... | sort "0-24hr"

Make sure to get the column name correct, including case sensitivity.

trunghung · ‎02-25-2016

Hi Martin,

that works. how do I sort the table by the 0-24hr column? thanks

How to convert values in a table column to column headers?

Welcome to the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Adoption of RUM and APM at Splunk