Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to custom sort by column headers

DEADBEEF
Path Finder
‎08-04-2020 10:27 AM

I have a table that shows the number of logs by severity over each host.  I want to be able to rearrange the severity columns into a specific order but can't figure out how.  I tried using custom sort field via eval but didn't seem to work.

Current SPL

 

index=foo sourcetype=logs
| chart count over server by severity

 


Current Table Order

 

server   major   info   critical    minor
serverA   5       10       8          6
serverB   22       5       13         9

 

 

Desired Table Order

 

server   critical  major   minor  info
serverA   8         5       6      10
serverB   13        22      9       5

 

Labels (2)
Labels
Tags (3)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

thambisetty
SplunkTrust
SplunkTrust
‎08-04-2020 12:21 PM

use table command to re arrange table header:

 

| table server critical major minor info

————————————
If this helps, give a like below.

View solution in original post

Reply
Solved! Jump to solution
Solution

thambisetty
SplunkTrust
SplunkTrust
‎08-04-2020 12:21 PM

use table command to re arrange table header:

 

| table server critical major minor info

————————————
If this helps, give a like below.
Reply
Get Updates on the Splunk Community!

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...