Hi, I wanted to extract the words that comes after 3 back slashes as field API
Please help me in writing the regular expression
Like this:
| rex field=_raw "\\{3}(?<API>\w+)"
I took you literally and I am quite sure that what you said you need is not actually what you need.
Hi Deepz2612, if you want to use the rex command, use this:
your_search | rex "\/\w+\/\w+\/(?<my_field>.*)" | ...
You can test it at https://regex101.com/r/EceD4t/1
Bye. Giuseppe
Give this a try:
\/\w+\/\w+\/(?\w+)
Check out regex101.com if you aren't familiar. It is a good place to work out / test regex against text.
