hi @lucky,

Try this:

| rex "\-(PUT|GET|POST|DELETE)(?<url>[\/A-z]+).*Responsecode=(?<ResponseCode>\d+)"

Sample query:

| makeresults | eval _raw="message: INFO [nio-8443-exce-8] b. b. b.filter.loggingvontextfilter c.c.c.c.l.cc.f.loggingcintextfil=ter.post process(Loggingcintextfilter.java\"201)-PUT/actatarr/halt/liveness||||||||||||METRIC|--|Responsecode=400|Response Time=0" | rex "\-(PUT|GET|POST|DELETE)(?<url>[\/A-z]+).*Responsecode=(?<ResponseCode>\d+)"