cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
shivani364
New Member
Member since: ‎06-23-2023
‎06-23-2023
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎06-23-2023
View All

How to add a string in the field value when there ...

by in Splunk Search
‎06-23-2023 08:39 AM
‎06-23-2023 08:39 AM
I have a field named "port_number"  in my results which gives multivalves as follows. source  destination port_number 3.4.5.6 22.34.56.78 1234 12.23.43.54 13.45.65.76 1234 3456 4567 8764 2345 2345 2349 12.32.43.54 65.43.21.12 7899 6788 4566 2344   Whereas query is as follows        Index= ABC | stats values(port_number) as port_number by source, destination        Now how can I make the result look like as follows  Expected Outcome :-  source  destination port_number 3.4.5.6 22.34.56.78 1234 12.23.43.54 13.45.65.76 1234 3456 Check logs for more port numbers 12.32.43.54 65.43.21.12 7899 6788 check logs for more port numbers   As you can see in the above result all I am trying to do is if there are more than 2 values in a field then I would like to add a text instead of displaying all the numbers as some results have more than 100 ports.  ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-23-2023 11:59 AM