Solved: Re: How to transform a table

Edwin1471 · ‎08-24-2022

Hi,

How can I transform a table, so that the result would look something like this

ITWhisperer · ‎08-24-2022

| transpose 0 header_field=Process column_name=Process

View solution in original post

gcusello · ‎08-24-2022

Hi @Edwin1471,

can you share the search you used to have those data?

Anyway, you could use the transpose command (https://docs.splunk.com/Documentation/Splunk/9.0.1/SearchReference/Transpose).

putting attention to the options.

Ciao.

Giuseppe

ITWhisperer · ‎08-24-2022

| transpose 0 header_field=Process column_name=Process

Edwin1471 · ‎08-27-2022

To follow up,

How can I sort a table by column values, instead of rows after transposing it ?

ITWhisperer · ‎08-27-2022

I am not sure I understand what you are trying to do - the sort command will sort the events (rows) by values in the fields (columns) - can you give an example of what you are trying to achieve?

How to transform a table?

stats

table

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Deep insights, no barriers: Splunk Observability Cloud Free Edition

Monitoring AI Agents with Splunk Observability Cloud

[Puzzles] Solve, Learn, Repeat: Tiling

Join the Conversation