Spread our blog

Usage of Splunk EVAL Function : LEN

  • This function returns the count of character in the string.
  • This function takes a single argument X where X is any field name.
 

Find below the skeleton of the usage of the function “len” with EVAL :

 ….. |  eval New_Field=len(X)

Example :

index=_internal

| eval LENGTH=len(method)

| table method,LENGTH

| dedup method,LENGTH

 

Result :

method                                                                     LENGTH

GET  3
POST  4
DELETE  6

 

Explanation : 

In the above Query, “method” is the existing field name in the “_internal” index.

The count of number of characters of each values of the “method” field are assigned to the “LENGTH”.

For example number of characters of “GET” is 3 and “POST” is 4 etc.

 

 

Now you can effectively utilize “len” function with “eval” command to meet your requirement !!

Hope you are now comfortable in : Usage of Splunk EVAL Function : LEN

HAPPY SPLUNKING !!

 

 

 

What’s your Reaction?
+1
+1
+1
+1
+1
1
+1
+1

Spread our blog
You can also know about :  Usage of Splunk EVAL Function :TOSTRING

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here