Splunk result in Table format

63 Views Asked by Shakeer Hussain At 19 February 2024 at 04:32

Can you please help how to return below splunk result into Table format.

Employer details name Jon smith empid:4538938
Employer details name Mac Stone empid:4538939
Employer details name David smith empid:4534458

splunk Output in table format

Name          Empid
Jon smith     4538938
Mac Stone     4538939
David smith   4534458

Original Q&A

There are 1 best solutions below

Mads Hansen On 19 February 2024 at 14:58 BEST ANSWER

If you don't already have anything parsing the information into fields, then you could apply a regex with rex to extract data into fields, and then plot as a table with the table command:

| rex field=Message "Employer details name (?<name>.*) empid:(?<empid>\d+)"
| table name empid

Splunk result in Table format

There are 1 best solutions below

Related Questions in SPLUNK

Related Questions in SPLUNK-QUERY

Related Questions in SPLUNK-DASHBOARD

Trending Questions

Popular # Hahtags

Popular Questions