Splunk Search
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Editing extracted fields' regex

voxeoRamya
Engager
‎07-06-2011 11:43 AM

Hey,

I would like to know how to change / modify / edit the regex for an extracted field. Your video tutorials were great in helping me learn and understand creating fields. Thanks 🙂

Best,

Ramya

Reply

steveirogers
Communicator
‎07-06-2011 12:36 PM

Edit regex for extracted fields:
If you have already saved the extracted field, then in Version 4.1.2, try the following:
Go to the Manager link and click on the following:
Manager --> Fields --> Field extractions
Select your field from the list

You should get an input field with your regex avialable for editing.

Reply
Get Updates on the Splunk Community!

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL  The Splunk AI Assistant for SPL ...

Buttercup Games: Further Dashboarding Techniques (Part 5)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Customers Increasingly Choose Splunk for Observability

For the second year in a row, Splunk was recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for ...
Top