Hello,
i have been trying to expand multi value fields from different source-type. Problem is that when i do expand link between relevant data gets lost. I have described a similar scenario below. Any help would be greatly appreciated.
Sample source type and data are given below.
**Source A Source B**
Customer_ID Customer_Name Customer_ID Purchased_Item
121 Jesse 121 Pen
122 Rodger 121 Pencil
123 Hem 122 Fountain Pen
123 Paper
What i want as output is
Expected Output
Customer_ID Customer_Name Purchased_Item
121 Jesse Pen
121 Jesse Pencil
122 Rodger Fountain Pen
123 Hem Paper
but unfortunately my current output looks like this
Current Output
Customer_ID Customer_Name Purchased_Item
121 Jesse Pen
122 Rodger Pencil
123 Hem Fountain Pen
My Code is below for your references
Source A OR Source B
| fields Customer_ID,Customer_Name,Purchased_Item
| stats list(Customer_Name) as Customer Name,stats list(Purchased_Item) as Purchased_Item by Customer_ID
| table Contact1,agent_name,ipcctime,cim_agent,cimtime
| eval total= mvzip(Customer_Name,Purchased_Item) | mvexpand total| makemv total delim="," | eval Customer_Name=mvindex(total,0)| eval Purchased_Item=mvindex(total,1)
Any tips or help would be greatly appreciated.
↧