The fillnull command replaces null or missing values in specified fields with a given replacement value. In this example, the command sets the src field to "Unknown" wherever it is null. It does not affect other fields or convert values from "Unknown" back to null.
[Reference:, Splunk Power User Study Guide, Search Commands Section, Splunk Docs: fillnull Command, "fillnull replaces null field values with a specified string or number for a given field or fields.", , , , , ]
Submit