- Splunk Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Re: formating a text file
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i have a file in the format of :
productId,product_name,price,sale_price,Code
DB-SG-G01,Mediocre Kingdoms,24.99,19.99,A
DC-SG-G02,Dream Crusher,39.99,24.99,B
FS-SG-G03,Final Sequel,24.99,16.99,C
WC-SH-G04,World of Cheese,24.99,19.99,D
WC-SH-T02,World of Cheese Tee,9.99,6.99,E
PZ-SG-G05,Puppies vs. Zombies,4.99,1.99,F
CU-PG-G06,Curling 2014,19.99,16.99,G
MB-AG-G07,Manganiello Bros.,39.99,24.99,H
MB-AG-T01,Manganiello Bros. Tee,9.99,6.99,I
FI-AG-G08,Orvil the Wolverine,39.99,24.99,J
BS-AG-G09,Benign Space Debris,24.99,19.99,K
SC-MG-G10,SIM Cubicle,19.99,16.99,L
WC-SH-A01,Holy Blade of Gouda,5.99,2.99,M
WC-SH-A02,Fire Resistance Suit of Provolone,3.99,1.99,N
SF-BVS-G01,Grand Theft Scooter,26.99,21.99,O
SF-BVS-01,Pony Run,49.99,41.99,P
if i want to get list of customerid column only for the price greater than 30.
Could you please help me with the query.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This file does not contain any field named 'customerid'. So we cannot write a Query that fulfills your requirement.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@ashish_chand this seems to be tutorial data from Splunk Search Tutorial which is part of Splunk Search Fundamentals course.
Could you please elaborate the need for qustions? Hope this is not one of the lab assignments.
Kindly use this forum to ask queries when you get stuck or need clarification/details about anything related to Splunk. Kindly don't use Splunk Answers platform to ask Community Members solve your assignments.
Even if this is not an assignment question, logically speaking you use case should be to find productId with price greater than 30. If so check out Example 4 from Splunk Documentation of inputlookup command. Provided above CSV has been uploaded to Splunk as a Lookup file.
If you have a correlated data indexed where there is actually customer information i.e. customerid, then a Customer may by more than one products hence price would be sum of individual product prices and in most of the cases above $30. Please confirm whether this is the use case. If so you would need to provide indexed data sample with customerid.
*In order to make proper use of this community and learn, first try the queries yourself then post the same here with specific problems you are facing! Community members would be happy to assist 🙂 *
| makeresults | eval message= "Happy Splunking!!!"
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This file does not contain any field named 'customerid'. So we cannot write a Query that fulfills your requirement.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Your file does not include a customerid column. Did you mean productId?
sale_price>30 | field productid
Of do you need to find the customerid in a seperate set of data, for any customers that bought a product that was over 30?
customerid=* [ search sale_price>30 | field productid ]
Announcing Scheduled Export GA for Dashboard Studio
Extending Observability Content to Splunk Cloud
More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!
