×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
ziq
Engager
Member since: ‎01-31-2018
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎01-31-2018
Activity Feed
View All

Re: How to omit columns from CSV-style event input...

by in Getting Data In
‎02-02-2018 05:32 AM
‎02-02-2018 05:32 AM
I'm aware and mentioned the script option in my question. But running the data through a script beforehand would be twice as computationally expensive (or more). I also anticipate similar files with different field sets in the future, hence I would need to touch/modify the script for each of these files. (Running the data through a sed/awk/perl script beforehand is certainly possible, but given the size of the file this would be computationally expensive. And as Splunk already extracts the field headers, it appears to me that excluding columns from import would be the cleaner and more efficient approach. Furthermore, it is likely that I will have to deal with similar files (that have different fieldsets or column orders) in the future.) ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM