index="main" sourcetype="vrea"
| eval nested_payload=mvzip(info, solution, "---")
| mvexpand nested_payload
| eval info=mvindex(split(nested_payload, "---"), 1)
| eval solution=mvindex(split(nested_payload, "---"), 0)
| eval nested_payload=mvzip(line, more, "---")
| mvexpand nested_payload
| eval line=mvindex(split(nested_payload, "---"), 1)
| eval more=mvindex(split(nested_payload, "---"), 0)
| eval nested_payload=mvzip(ID, Severity, "---")
| mvexpand nested_payload
| eval Severity=mvindex(split(nested_payload, "---"), 1)
| eval CWE_ID=mvindex(split(nested_payload, "---"), 0)
| table info solution ID Severity line more
when use the SPL my table fields value first 4 fields keep repeating same value but last 2 field "line and more" correct value?
anyone know why it is happening?
