Splunk Search

remove specific columns from a table using a search command

harshal_chakran
Builder

Hi,

I have written a search query in Advanced XML dashboard, which displays the table as follows,

parameter value_one value_two value_three value_four
param1 1 2 3 4
param2 5 6 7 8
param3 9 10 11 12
param4 13 14 15 16

I want to show only some specific columns based on situations such as,

for situation 1:parameter value_three

for situation 2:parameter value_one

for situation 3:parameter ,value_three ,value_four,value_two

I know that putting " table parameter value_(any required value)" solves the problem. But is it possible to hide/remove columns using there column headers name OR is it possible to remove the first three or last three columns from the table using the search query itself.

Kindly help...!!!

0 Karma

the_wolverine
Champion

I'm not sure why this question is so difficult. A column = field. So just state the columns that you want and/or state the columns that you do NOT want in your query:

situation 1: your search | fields + value_three
situation 2: your search | fields + value_one
situation 3: your search | fields + value_three, value_four, value_two
OR, your search | fields - value_one

0 Karma

somesoni2
Revered Legend

How do you define the situations? Is is a condition based on search result or a user input based on drop down or something?

0 Karma

martin_mueller
SplunkTrust
SplunkTrust

Isn't calling table or fields exactly what you describe as the first solution, hide/remove columns using their column header names?

0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...