Hi my data is comma delimited   , there  are 2 rows with a header. I'fd like the columns to be split by the comma into a more readable table. Thanks

LOG_SEQ,LOG_DATE,LOG_PKG,LOG_PROC,LOG_ID,LOG_MSG,LOG_ADDL_MSG,LOG_MSG_TYPE,LOG_SQLERRM,LOG_SQLCODE,LOG_RECEIPT_TABLE_TYPE,LOG_RECEIPT_NUMBER,LOG_BATCH_NUMBER,LOG_RECORDS_ATTEMPTED,sOG_RECORDS_SUCCESSFUL,LOG_RECORDS_ERROR, 37205289,20250612,import_ddd,proposal_dataload (FAS),,GC Batch: 615 Rows Rejected 6,,W,,0,,,,0,0,0 37205306,20250612,hu_givecampus_import_HKS,proposal_dataload (HKS),,GC Batch: 615 - Nothing to process. Skipping DataLoader operation,,W,,0,,,,0,0,0 37205315,20250612,ddd,assignment_dataload (FAS),,GC Batch: 615 Rows Rejected 3,See harris.hu_gc_assignments_csv,W,,0,,,,0,0,0

I've tried a few things , currently I have : 

<query>((index="splunkdata-dev") source="/d01/log/log_splunk_feed.log" ) 

| eval my_field_split = split(index, ",") , log_seq = mvindex(my_field_split, 0)

, log_date = mvindex(my_field_split, 1)

,log_pkg= mvindex(my_field_split, 2)

,log_proc = mvindex(my_field_split, 3)

,log_msg = mvindex(my_field_split, 4)

,log_addl_msg= mvindex(my_field_split, 6)

, log_msg_type = mvindex(my_field_split, 7)

,log_sqlerrm = mvindex(my_field_split, 😎

, log_sqlcode= mvindex(my_field_split, 9)  | table [|makeresults |  eval search ="log_seq log_date log_pkg log_proc log_id log_msg log_addl_msg log_msg_type log_sqlerrm log_sqlcode" | table search ] table