Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to display the values in search result as fields?

cycheng
Path Finder
‎05-29-2013 08:36 PM

I have a search which return below results:

status      total_user
passed      7
failed      3
unknown     14

How can I change the table so that it can display like this:

passed     failed    unknown    total
  7          3         14         24

I tried this but it is not working:
stats values(eval(status="passed")) AS passed values(eval(status="failed")) AS failed values(eval(status="unknown")) AS unknown sum(total_user) AS Total

Tags (1)
0 Karma
Reply

Gilberto_Castil
Splunk Employee
Splunk Employee
‎05-29-2013 09:02 PM

Add this at the end of your original search string. I will format the data in the desired format.

... | eval dummy=" " | xyseries dummy status total_user | fields - dummy | addtotals

I hope this helps.

Reply

cycheng
Path Finder
‎05-29-2013 09:58 PM

Thanks! It solved my problem. 🙂

0 Karma
Reply

woodcock
Esteemed Legend
‎11-15-2019 04:58 PM

Then you should come back and click Accept to close the question, @cycheng.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

From Idea to Implementation: Why Splunk Built mTLS into Splunk Enterprise 10.0  mTLS wasn’t just a checkbox ...