topic Re: Split pipe delimited line into named columns in Getting Data In

Split pipe delimited line into named columns

Noorzaie — Thu, 05 Jan 2017 21:52:10 GMT

I have the following text line:

COLC |BCCR7520|ACAUTLO1| 300|2017-01-03-12.00.12.000000|2017-01-03-12.02.30.000000| 159| 159| 0| 2M18| 0:01.03| 2M18| 0| 4|LOAD AUTH MASTER TBL|2017-01-03-12.00.12.000000|

I have tried this with no avail:

| rex field=.* "(?<f01>[^\|].*)\|(?<f02>.*)\|" |table f01, f02

Appreciate the help.

Re: Split pipe delimited line into named columns

Noorzaie — Fri, 06 Jan 2017 18:14:13 GMT

Thank you for the input. But I seem to have no luck with it. I still get blanks in the result set.
Will the field=.* return all the data to the end of the line so the rest of the rule can break it down?
I see data in the "events" (299,102 rows). One row from the events:
RENC |OROB531K| | 0|2017-01-05-02.05.47.000000|2017-01-05-02.05.54.000000|17761|17761| 0| 7| 0:00.46|24H00|24H00| 1|LROP D/B RESTORE |2017-01-04-02.04.57.000000| |0001-01-01| | 0| | -| -| -|

Re: Split pipe delimited line into named columns

nmohammed — Fri, 06 Jan 2017 18:40:01 GMT

try using this -

| rex field=_raw "^(?[^|].+)|(?[^|].+)|" | table f01, f02

Re: Split pipe delimited line into named columns

Noorzaie — Fri, 06 Jan 2017 18:54:34 GMT

That did it!
Thank you for your help.