Re: create custom results

msalghamdi · ‎06-11-2023

Dear Splunker,

i need you help in creating custom results to include in a report and output it in a table for statistics, here are the data:

Thanks in advance

PickleRick · ‎06-11-2023

Just use makeresults to generate a block of text, then use multikv to split it into single rows/cols. If you want to add this to an existing report, use append.

But most probably it wil not make much sense if your report has other columns - it will not be a separate "legend" to the table. For that you'd have to create a dashboard with separate widgets - one for table, one for the legend (here you could probably just use static text)

msalghamdi · ‎06-11-2023

thanks for the answer, the thing is whenever i create results, the same fields gets overwritten when i create multiple of it, please if you can create a search that would show it in a table id be thankful

How to create custom results?

fields

table

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation