Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Search with output_mode=csv ends up reordering the table command output.

paragcisco
Explorer
‎03-22-2012 12:38 PM

I am doing something like this:
[ignore some syntax issues]

curl ... https://..../search/jobs/export -d 'search=search index=xyz ... | table Fld1 Fld2' -d output_mode=csv

Expected output (as given to table command) is:
Fld1,Fl2
123,abc

Actual output is
Fld2,Fld1
abc ,123

Any idea why it is getting re-ordered and how can I get it in the format I want?

Tags (3)
Reply

ShaneNewman
Motivator
‎01-23-2015 09:19 PM

I ran into a similar issue... Ended up using .... | table field1 field2 | outputcsv foo.csv and it corrected the problem.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

How to find the worst searches in your Splunk environment and how to fix them

Everyone knows Splunk is a powerful platform for running searches and doing data analytics. Your ...

Share Your Feedback: On Admin Config Service (ACS)!

Help Us Build a Better Admin Config Service Experience (ACS)   We Want Your Feedback on Admin Config Service ...