Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Highlighted
Solved! Jump to solution

Can I use regex to remove a pipe character from a string?

MikeElliott
Communicator
‎09-27-2017 04:24 AM

Hi All,

I am having a problem with my search output. One of the results contains a pipe ( | ) - E.g. bad_domain|www.baddomain.com.

Once run, the search results are passed to a 3rd party tool that uses pipes as formatting options - This rogue pipe is being picked up as a formatting option. I would like to know how to remove, or replace, the pipe in my search results, for example:

baddomain|www.baddomain.com to baddomainwww.baddomain.com, or baddomain-www.baddomain.com.

Can anyone assist?

Tags (3)
0 Karma
Reply
1 Solution
Highlighted
Solved! Jump to solution
Solution

Re: Can I use regex to remove a pipe character from a string?

HiroshiSatoh
Champion
‎09-27-2017 04:31 AM

try this!

(your search)|eval text=replace(text,"\|","_")

Please change TEXT to field name.

View solution in original post

0 Karma
Reply
Highlighted
Solved! Jump to solution

Re: Can I use regex to remove a pipe character from a string?

MikeElliott
Communicator
‎09-27-2017 04:59 AM

Worked perfectly - Thank you so very much!

0 Karma
Reply