Hi there,
What's the best way to search where I need to search from a CSV sourcetype file. I need to use multiple conditions
Here is how my current sample search looks like:
index=* sourcetype=csv "FirstSearchTerm" | search "text1" OR "text2" OR "text3" OR "text4" OR "text5" | replace "item1" WITH "Group1" in field5 | replace "item1" WITH "Group2" in field5 | replace "item3" WITH "Group1" in ield5 | replace "item4" WITH "Group1" in field5 | replace "item5" WITH "Group2" in field5 | dedup field1, field2, field3 | stats county by field2
How do I use subsearches on multiple fields in the same sourcetype and get the results from all the subsearches into a table?
Regards
Uday
↧