Hi, I'm new to splunk and seek your help in achieving in a functionality.
My log goes something like this,
time=12/04/2013 12:00:36, login_id=1, head_key_value=124, txn_dur=12.54, txn_status=success time=12/04/2013 12:02:46, login_id=2, head_key_value=232, txn_dur=6.36, txn_status=success time=12/04/2013 14:36:11, login_id=3, head_key_value=221, txn_dur=19.23, txn_status=failure
Now I want to display a table with three fields head_key_value_for_1 (values for head_key_value whose login_id=1), head_key_value_for_2 (values for head_key_value whose login_id=2), and head_key_value_for_3 (values for head_key_value whose login_id=3).
Please help me.