Solved: Re: How to custom sort by column headers

DEADBEEF · ‎08-04-2020

I have a table that shows the number of logs by severity over each host. I want to be able to rearrange the severity columns into a specific order but can't figure out how. I tried using custom sort field via eval but didn't seem to work.

Current SPL

index=foo sourcetype=logs
| chart count over server by severity

Current Table Order

server   major   info   critical    minor
serverA   5       10       8          6
serverB   22       5       13         9

Desired Table Order

server   critical  major   minor  info
serverA   8         5       6      10
serverB   13        22      9       5

thambisetty · ‎08-04-2020

use table command to re arrange table header:

| table server critical major minor info

————————————
If this helps, give a like below.

View solution in original post

thambisetty · ‎08-04-2020

use table command to re arrange table header:

| table server critical major minor info

————————————
If this helps, give a like below.

View solution in original post

How to custom sort by column headers

chart

table

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20. Learn More or Register Now >

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >