Solved: Why is Colon Character in JS not working?

rkeq0515 · ‎07-26-2022

I am trying to use a colon ( : ) in my js file; however, I do not see results when I use the colon. I verified that the command works with the colon when I run it within a Search window. I also have it working without the colon in the js file. I just can't seem to use the colon in the js file.

The following code in my js file does not work.

... | search (path IN (\"*:\\windows\\*\")) | stats count

The following code in my js file works.

... | search (path IN (\"*\\windows\\*\")) | stats count

I tried to escape it like I did the double-quotes, but that did not work. Is there a way to use the colon in the js file?

Thanks

VatsalJagani · ‎07-26-2022

@rkeq0515 - I always try multiple try-and-error when dealing with \ (backward slash).

One of these should work:

... | search path IN (\"*:\\windows\\*\") | stats count

... | search path IN (\"*:\\\windows\\\*\") | stats count

... | search path IN (\"*:\\\\windows\\\\*\") | stats count

(3 or 4 slashes should work)

I hope this helps!!!

View solution in original post

VatsalJagani · ‎07-26-2022

@rkeq0515 - I always try multiple try-and-error when dealing with \ (backward slash).

One of these should work:

... | search path IN (\"*:\\windows\\*\") | stats count

... | search path IN (\"*:\\\windows\\\*\") | stats count

... | search path IN (\"*:\\\\windows\\\\*\") | stats count

(3 or 4 slashes should work)

I hope this helps!!!

rkeq0515 · ‎07-26-2022

Thank you! The 4 back slashes worked. I was focused on the colon since 2 back slashes were working. However, I see that it wasn't providing the correct data.

Why is Colon Character in JS not working?

development

troubleshooting

using Splunk Enterprise

Troubleshooting the OpenTelemetry Collector

Adoption of Infrastructure Monitoring at Splunk

Modern way of developing distributed application using OTel