Solved: Extract multiple words in a filed

marco_massari11 · ‎12-02-2020

Hi,

I have some syslog logs and I need to extract the first words of a field values. The field value starts like this:

Site Corporate Windows AM\\Passed\\

My result should be :

Corporate Passed

Note: I can have also Unmanaged instead of Corporate and Failed insted of Passed, so I have 4 options:

Corporate Passed

Corporate Failed

Unmanaged Passed

Unmanaged Failed

nickhills · ‎12-02-2020

That happens because of some additional escaping which is needed.

Try this version, which avoids needing a triple \

Site (?<site>\w+).+\\\\(?<result>\w+)

If my comment helps, please give it a thumbs up!

493669 · ‎12-02-2020

@marco_massari11 if you want extract multiple fields then try below-
Updated-

Site (?<field1>\w+)[^\\\\]+\\\\(?<field2>\w+)

It will extract in field1 and field2.

-------
let me know if it helps!

marco_massari11 · ‎12-02-2020

Hi @493669 I have this message error Regex: missing terminating ] for character class.

nickhills · ‎12-02-2020

That happens because of some additional escaping which is needed.

Try this version, which avoids needing a triple \

Site (?<site>\w+).+\\\\(?<result>\w+)

If my comment helps, please give it a thumbs up!

Extract multiple words in a filed