
#Splunk docs how to#
To learn how to remove nested fields, see step 3 in Extract a nested map from one field and add it to another field. With your Fields function highlighted, click Start Preview to verify that the expression is working as expected.For example, to remove the source field, type source in the field_list and - in the operator field.
#Splunk docs pdf#
In the Fields function, enter the fields you want to remove from your data in the field_list and type - in the operator field. Install the Splunk App for DSP - Splunk Documentation Splunk Data Stream Processor Install and administer the Data Stream Processor Download manual as PDF Product Version 1.4.If you want to remove specific fields in your data, then:.There are two versions of SPL: SPL and SPL, version 2 (SPL2). In case searching through Splunk Docs, Splunk Dev, Splunk Blogs.

For example, to keep only the host and source fields, type host, source in the field_list. The Search Processing Language (SPL) is a set of commands that you use to search your data. Building custom search commands in Python part I. If you submit a winning example, you will earn undying fame because we will credit you right in the docs. Share your expertise The best examples will be added to the Splunk documentation. Prometheus Authors 2014-2023 Documentation Distributed under CC-BY-4.0.

The allows you to remove fields that you are uninterested in before sending your data to a destination.
