Re: Creating a table

Imhim · ‎08-17-2023

Hi,

I need help with creating a table in Splunk that displays all the components below:

I too need to create another table that gives an overview of the Host. The components are:

I have been looking at this for a while, however the task is difficult, so I am hoping I can find the help I need here.

Thank you.

gcusello · ‎08-17-2023

did you already ingested logs using the Splunk_TA_Windows (on Windows machines) or the Splunk_TA_nix (on Linux machines)?

If yes, you have only to identify the fields to use and they depends on the operative system.

If not, install the Add-ons, enabling the inputs you need, then I can help you in search definition.

Ciao.

Giuseppe

Imhim · ‎08-17-2023

Thank you for the fast reply.

Yes, both are already installed and have ingested logs. 🙂

Br,

Imhim

ITWhisperer · ‎08-17-2023

When field names have non-alphanumerics in they need to referred to in single quotes e.g.

| table VirtualMachine 'vCPU (Allocated)' 'RAM (Allocated)'

How to create a table?