Hello,
I have a search returning some results that look like this:
sourcetype="somesourcetype" [ search sourcetype="somesourcetype" ... | top limit=100 email | fields + email ] | stats count by email,error
email error count
g@gogo.com 100 20
g@gogo.com 101 21
g@gogo.com 102 22
g@gogo.com 103 23
g@gogo.com 104 24
m@momo.com 100 20
m@momo.com 101 21
m@momo.com 102 22
m@momo.com 103 23
m@momo.com 104 24
f@fofo.com 100 20
f@fofo.com 101 21
f@fofo.com 102 22
f@fofo.com 103 23
f@fofo.com 104 24
How can I make my table look like this?
email 100 101 102 103 104
g@gogo.com 20 21 22 23 24
m@momo.com 20 21 22 23 24
f@fofo.com 20 21 22 23 24
Thanks!
