Reporting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Email strip

debabratp
New Member
‎02-19-2013 11:48 PM

In my log file there is a uid/ email field. The splunk search should not display/ignore result if the email domain is for example google, yahoo. Splunk should display result associated with mydomain.

If thelog have ..... uid = myname@mydomain.com.......uid = myname@gmail.com...... uid= mail@yahoo.com..... uid = mail@aol.com......uid=null

The splunk search should spit out uid = myname@mydomain.com. How to do this? Help! help!

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gfuente
Motivator
‎02-20-2013 03:21 AM

Hello

First, if you havent done it yet, you need to extract the email field. Using the regex command, for example:

..| regex "(?<email>[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z0-9]+)" | ...

Then you need to filter the results with

..| search email="*@mydomain.com" | ...

Regards

View solution in original post

Reply
Solved! Jump to solution
Solution

gfuente
Motivator
‎02-20-2013 03:21 AM

Hello

First, if you havent done it yet, you need to extract the email field. Using the regex command, for example:

..| regex "(?<email>[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z0-9]+)" | ...

Then you need to filter the results with

..| search email="*@mydomain.com" | ...

Regards

Reply
Solved! Jump to solution

debabratp
New Member
‎02-20-2013 11:52 AM

Thanks for your regx to extract only the email. Your answer is perfect. But I asked the question differently. My bad. It helped.

But how do i use it in Dashboard? Do i need to have escape character for (?...

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...