Archive

Help in RegEx to get a separate values

Path Finder

Need help in formatting a regex comand output.

Program that I created:

index=opennms  "bigipServiceDown"
  | rex field=eventlogmsg "bigipNotifyObjMsg=(?<POOL>.+down. )"
  | table POOL, nodelabel

Output :

POOL    nodelabel
Pool /Common/tiger.exxonmobil.com-443-pl member /Common/10.159.217.11:443 monitor status down. [ /Common/https-vdi-connection_manager: down;    INMCOIGW-APNADC003
Pool /Common/tiger.exxonmobil.com-443-pl member /Common/10.159.217.11:443 monitor status down. [ /Common/https-vdi-connection_manager: down;    INMCOIGW-APNADC003
Pool /Common/tiger.exxonmobil.com-443-pl member /Common/10.159.217.11:443 monitor status down. [ /Common/https-vdi-connection_manager: down;    INMCOIGW-APNADC003

Expected output :

POOL    Monitor VDI nodelabel
tiger.exxonmobil.com-443-pl member  10.159.217.11:443 monitor status down   Common/https-vdi-connection_manager: down   INMCOIGW-APNADC003
leopard.exxonmobil.com-443-pl member    Common/vdi-pnh.ap.xom.com:443 monitor status down   Common/https-vdi-connection_manager-pnh: down   INMCO-APNADC104

RAW Data :

eventlogmsg=""<p>
    bigipServiceDown trap received
    bigipNotifyObjMsg=Pool /Common/leopard.exxonmobil.com-443-pl member /Common/vdi-pnh.ap.xom.com:443 monitor status down. [ /Common/https-vdi-connection_manager-pnh: down; last error: /Common/https-vdi-connection_manager-pnh:  Response Code: 404 (Not Found) @2020/02/03 07:06:46.  ]  [ was up for 0hr:49mins:15sec ] (slot2)
    bigipNotifyObjNode=/Common/vdi-pnh.ap.xom.com
    bigipNotifyObjPort=443</p>""
0 Karma

Communicator

You can use the following regex to extract the 3 fields POOL, Monitor and VDI. You can try this regex in regex101 to check what exactly is happening:

"bigipNotifyObjMsg=Pool\s+.*?(?<POOL>[^\/]+)(?=\s+)\s+.*?(?<Monitor>[^\/]+)(?=\.\s+\[)\.\s+\[\s+(?<VDI>[^;]+);"
0 Karma

Path Finder

Sorry that didnt worked, its not giving a result.

Raw Data:

eventlogmsg=""


bigipServiceDown trap received
bigipNotifyObjMsg=Pool /Common/leopard.exxonmobil.com-443-pl member /Common/vdi-pnh.ap.xom.com:443 monitor status down. [ /Common/https-vdi-connection_manager-pnh: down; last error: /Common/https-vdi-connection_manager-pnh: Response Code: 404 (Not Found) @2020/02/03 07:06:46. ] was up for 0hr:49mins:15sec
bigipNotifyObjNode=/Common/vdi-pnh.ap.xom.com
bigipNotifyObjPort=443

""

0 Karma