Re: remove specific columns from a table using a s...

harshal_chakran · ‎03-11-2014

Hi,

I have written a search query in Advanced XML dashboard, which displays the table as follows,

parameter value_one value_two value_three value_four param1 1 2 3 4 param2 5 6 7 8 param3 9 10 11 12 param4 13 14 15 16

I want to show only some specific columns based on situations such as,

for situation 1:parameter value_three

for situation 2:parameter value_one

for situation 3:parameter ,value_three ,value_four,value_two

I know that putting " table parameter value_(any required value)" solves the problem. But is it possible to hide/remove columns using there column headers name OR is it possible to remove the first three or last three columns from the table using the search query itself.

Kindly help...!!!

the_wolverine · ‎03-17-2014

I'm not sure why this question is so difficult. A column = field. So just state the columns that you want and/or state the columns that you do NOT want in your query:

situation 1: your search | fields + value_three
situation 2: your search | fields + value_one
situation 3: your search | fields + value_three, value_four, value_two
OR, your search | fields - value_one

somesoni2 · ‎03-11-2014

How do you define the situations? Is is a condition based on search result or a user input based on drop down or something?

martin_mueller · ‎03-11-2014

Isn't calling table or fields exactly what you describe as the first solution, hide/remove columns using their column header names?

remove specific columns from a table using a search command

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!