multivalue field

noun

A field that exists in Splunk Enterprise event data that can hold more than one value. Fields usually have a single value, but for events such as email logs you can often find multivalue fields in the To: and Cc: information.

You can use the Search Processing Language (SPL) to modify multivalue fields. You can separate multivalue fields into multiple single value fields, or you can combine single value fields into multivalue fields.

For more information

In the Knowledge Manager Manual:

Configure multivalue fields

In the Search Manual:

Manipulate and evaluate fields with multiple values