Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Combination of uri patterns

xvxt006
Contributor
‎10-28-2013 12:12 PM

Hi,

i would like to capture the below 2 patterns and i tried to use the below combination but i am not getting intended results. Can someone help

/product/Dsdhty-wetds-Cartridge-3456er?s_pp=false

/search?searchQuery=1DAH1

Tried this..
| (uri=/product/* OR regex uri="/search\?searchQuery=\w{5}$")

Tags (1)
0 Karma
Reply

lukejadamec
Super Champion
‎10-28-2013 12:29 PM

You're missing a slash before the w.

\w{5}$

Well, I don't think you can use an OR with a regex, and a subsearch won't work. You can append the results. Here is an example for pulling two series of EventCodes. 

index=main EventCode="5*" |stats count by EventCode |append [search index=main EventCode="*" | regex EventCode="^4\d+" |stats count by EventCode]
0 Karma
Reply

lukejadamec
Super Champion
‎10-28-2013 01:09 PM

I updated the answer with an example of append.

0 Karma
Reply

lukejadamec
Super Champion
‎10-28-2013 12:34 PM

Highlight the string and click the 101010 format option to capture the special characters.

0 Karma
Reply

xvxt006
Contributor
‎10-28-2013 12:32 PM

Actually for some reason it is not showing the backslash when i put it but i do have it in my query 🙂

0 Karma
Reply
Get Updates on the Splunk Community!

Data Management Digest – November 2025

  Welcome to the inaugural edition of Data Management Digest! As your trusted partner in data innovation, the ...

Splunk Mobile: Your Brand-New Home Screen

Meet Your New Mobile Hub  Hello Splunk Community!  Staying connected to your data—no matter where you are—is ...

Introducing Value Insights (Beta): Understand the Business Impact your organization ...

Real progress on your strategic priorities starts with knowing the business outcomes your teams are delivering ...