Hello Splunkers,
I wanted to extract the output1 and output6 fields from the raw event.
Example Event 1:
Message : output,1: The guess/tmp/var/tms/bmp_abcd/apm_salesforce/address_standardplot/serviceinput/AddressStandardiplot_S3_VariousDmsJob_V9_apm_unmatch_AVI-pct-STANDARD_123456789_9912333333-f12f-5cb9-aa10-9d101188ad47.banana.2 file, which contains 456 rows, was written to the standardplot-s3-abc-dev-005 bucket.
Example Event 2:
Message : output,6: Input 0 consumed 123 records.
Desired result:
output1=456 rows
output6=123 records
The Message field is also not auto-extracted by Splunk. May need to use |rex field=_raw........
Please advise.
| rex "output,1.*?(?<output1>\d+\s+rows)"
| rex "output,6.*?(?<output6>\d+\s+records)"
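
An offline check of the two rex patterns above against the events from the question, added here as an example and not part of the original answer. It is written in Python, where named groups are spelled (?P<name>...); EVENT_10 and the colon-anchored ANCHORED patterns are assumptions, constructed to show that output,1 is also a prefix of a hypothetical output,10 message.

```python
import re

# The two events from the question, copied verbatim.
EVENT_1 = (
    "Message : output,1: The guess/tmp/var/tms/bmp_abcd/apm_salesforce/"
    "address_standardplot/serviceinput/AddressStandardiplot_S3_VariousDmsJob_V9_"
    "apm_unmatch_AVI-pct-STANDARD_123456789_9912333333-f12f-5cb9-aa10-"
    "9d101188ad47.banana.2 file, which contains 456 rows, was written to the "
    "standardplot-s3-abc-dev-005 bucket."
)
EVENT_2 = "Message : output,6: Input 0 consumed 123 records."
# Constructed event (not from the page): a hypothetical "output,10" message.
EVENT_10 = "Message : output,10: Wrote 7 rows to the archive."

# Python spells named groups (?P<name>...); rex uses (?<name>...).
AS_POSTED = {
    "output1": r"output,1.*?(?P<output1>\d+\s+rows)",
    "output6": r"output,6.*?(?P<output6>\d+\s+records)",
}
# Assumed tightening: require the colon that follows the number in both samples.
ANCHORED = {
    "output1": r"output,1:.*?(?P<output1>\d+\s+rows)",
    "output6": r"output,6:.*?(?P<output6>\d+\s+records)",
}


def extract(raw, patterns):
    """Apply each pattern in turn, like chained rex commands; unmatched fields stay absent."""
    fields = {}
    for name, pattern in patterns.items():
        match = re.search(pattern, raw)
        if match:
            fields[name] = match.group(name)
    return fields


if __name__ == "__main__":
    samples = (("event 1", EVENT_1), ("event 2", EVENT_2), ("output,10", EVENT_10))
    for label, raw in samples:
        print(label, "as posted:", extract(raw, AS_POSTED))
        print(label, "anchored: ", extract(raw, ANCHORED))
```

The digits in the file path and the "Input 0" in the second event are skipped because the capture requires whitespace and the unit word straight after the number.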