If i have an event_category= User, Logon. I want to be able to create new fields (e.g. X, Y) and present data like X=User and Y=Logon. What would be the query to showcase this in result.
Page 1 / 1
Hi,
You can use the ‘norm on’ command to identify individual fields/values within a specific field:
Untested, but in your case it should look like something this:
norm on event_category <X:string>, <Y:string> | fields event_category, X, Y
Reply
Sign up
Already have an account? Login
Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.
LOGIN AS PARTNER OR CUSTOMER Login with LinkedInLogin to the community
Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.
LOGIN AS PARTNER OR CUSTOMER Login with LinkedInEnter your E-mail address. We'll send you an e-mail with instructions to reset your password.