Splunk ITSI
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Hi Team, I need to extract the field program name from the logs .

Hemant1
Explorer
‎06-15-2019 04:05 AM

"program_name"=>"Love Lagna Locha - Episode 117 - January 31, 2017 - Full Episode"

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎06-15-2019 05:15 AM

One way is with rex.

... | rex "program_name\"=>\"(?<program_name>[^\"]+)\"" | ...
---
If this reply helps you, Karma would be appreciated.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎06-15-2019 05:15 AM

One way is with rex.

... | rex "program_name\"=>\"(?<program_name>[^\"]+)\"" | ...
---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Solved! Jump to solution

Hemant1
Explorer
‎06-15-2019 05:40 AM

thank you so much

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 2)

Welcome to the "Splunk Classroom Chronicles" series, created to help curious, career-minded learners get ...

Index This | I am a number but I am countless. What am I?

January 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  Happy New Year! We’re ...

What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience

PLATFORM TECH TALKS What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience Thursday, February 27, ...