Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

What am I not seeing event fields in the summary index, from the scheduled report feeding the summary index?

Glasses
Builder
‎07-17-2019 02:06 PM

I created a scheduled report and it parses the fields in key-value pairs nicely.
I enabled a summary index and I see the report feeding events into the summary index.
But I don't get all the key-value pairs parsed out like in the report.
Doesn't the summary report natively parse fields?
Or do I have to specifically table fields?

Thanks

0 Karma
Reply
Get Updates on the Splunk Community!

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

At this year’s Splunk University, I had the privilege of chatting with Devesh Logendran, one of the winners in ...

There's No Place Like Chrome and the Splunk Platform

WATCH NOW!Malware. Risky Extensions. Data Exfiltration. End-users are increasingly reliant on browsers to ...

Customer Experience | Join the Customer Advisory Board!

Are you ready to take your Splunk journey to the next level? 🚀 We invite you to join our elite squad ...