Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

How to create below scenario?

abhi04
Communicator
‎06-12-2018 09:40 AM

I have below parameter and their values over server_Name:

Parameters Server_Name1 Server_Name2

Now I want to add one more column i.e. Message which will show the message same or nit same based on the Parameter values comparison of different server with a server

Parameter Message Server_Name1 Server_Name2

Tags (1)
0 Karma
Reply

pradeepkumarg
Influencer
‎06-12-2018 10:28 AM

Append this to your search

| eval message = if(server1=server2,"same","not_same")
0 Karma
Reply

abhi04
Communicator
‎06-13-2018 03:55 AM

Hi gpradeepkumarreddy,

I have more than 20 servers. So I want to compare each parameter value for every server and if for every server the paramater value is equal then it should display same in the column "Message" beside that parameter.

0 Karma
Reply

pradeepkumarg
Influencer
‎06-15-2018 07:58 AM

It should work for every server in your table

0 Karma
Reply

abhi04
Communicator
‎06-12-2018 09:51 PM

Hi gpradeepkumarreddy,

Like this I have other servers as well and I have to display same or not same based on every parameter value i.e. a,b,c for every server.

0 Karma
Reply

abhi04
Communicator
‎06-12-2018 09:54 AM

Sorry,
I want the below table

Parameter server1 server 2
A
B
................. Same. Not same

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Deep Dive: Accelerate threat investigation with Splunk’s AI Assistant in Security

AI is one of the biggest topics in the market today, and for security teams, its value goes far beyond the ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

[REGISTER HERE] This thread is for the Community Office Hours session on Detection Engineering Office Hours: ...