Solved: Re: Remove Header column outputcsv

efelder0 · ‎11-04-2011

Is there a way to remove the Header column row after performing the outputcsv command during a Splunk search?

Rob · ‎01-19-2012

I don't thing there is any way to remove the header by using a Splunk command that would remove it from the csv file generated by the outputcsv command. Your best bet would be to run a clean up script that removes the header info after the file is generated.

View solution in original post

Rob · ‎01-19-2012

I don't thing there is any way to remove the header by using a Splunk command that would remove it from the csv file generated by the outputcsv command. Your best bet would be to run a clean up script that removes the header info after the file is generated.

responsys_cm · ‎07-05-2012

Can we get this feature added as an option to the outputcsv command? I have some tools that use CSV files for configs and it would be nice if Splunk could keep them dynamically updated.

Starlette · ‎11-13-2011

2 options :

1)
Save a NOT search as macro to catch the lines and prefix this in your main search

2)
Get rid of them before indexing ( best option)

Check this , and scroll for the sedcmd

The regex should be pretty easy,,just the first range of characters, let me know if you succeed, otherwise paste a sample and the header...

Remove Header column outputcsv

How to Monitor Google Kubernetes Engine (GKE)

Index This | How can you make 45 using only 4?

Splunk Education Goes to Washington | Splunk GovSummit 2024