Solved: Re: New column using regex

yifatcy · ‎05-11-2021

Hi,

I have the field Queue in my dataset with pattern as follows:

adcams01

adcams02

adcems05

I would like to create a new column in my table which contains 3 letters after adc. For example:

Is it possible using regex? I know it should include eval but it didn't work for me.

Thank you

kamlesh_vaghela · ‎05-11-2021

Try

YOUR_SEARCH
 | rex field=Queue "adc(?<Site>.{3})"

Sample Search:

| makeresults | eval _raw="Queue
adcams01
adcams02
adcems05" | multikv forceheader=1 | table Queue | rex field=Queue "adc(?<Site>.{3})"

Thanks
Kamlesh Vaghela

If this reply helps you, an upvote would be appreciated.

ITWhisperer · ‎05-11-2021

| rex field=Queue "adc(?<Site>[^\d]+)"

kamlesh_vaghela · ‎05-11-2021

Try

YOUR_SEARCH
 | rex field=Queue "adc(?<Site>.{3})"

Sample Search:

| makeresults | eval _raw="Queue
adcams01
adcams02
adcems05" | multikv forceheader=1 | table Queue | rex field=Queue "adc(?<Site>.{3})"

Thanks
Kamlesh Vaghela

If this reply helps you, an upvote would be appreciated.

yifatcy · ‎05-11-2021

Works! thanks

New column using regex