Solved: Re: How to transform a table

Edwin1471 · ‎08-24-2022

Hi,

How can I transform a table, so that the result would look something like this

ITWhisperer · ‎08-24-2022

| transpose 0 header_field=Process column_name=Process

View solution in original post

gcusello · ‎08-24-2022

Hi @Edwin1471,

can you share the search you used to have those data?

Anyway, you could use the transpose command (https://docs.splunk.com/Documentation/Splunk/9.0.1/SearchReference/Transpose).

putting attention to the options.

Ciao.

Giuseppe

ITWhisperer · ‎08-24-2022

| transpose 0 header_field=Process column_name=Process

Edwin1471 · ‎08-27-2022

To follow up,

How can I sort a table by column values, instead of rows after transposing it ?

ITWhisperer · ‎08-27-2022

I am not sure I understand what you are trying to do - the sort command will sort the events (rows) by values in the fields (columns) - can you give an example of what you are trying to achieve?

How to transform a table?

stats

table

Splunk Platform | Upgrading your Splunk Deployment to Python 3.9

From Product Design to User Insights: Boosting App Developer Identity on Splunkbase

Detect and Resolve Issues in a Kubernetes Environment