Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Extracting the end of a URL

jravida
Communicator
‎05-15-2014 01:27 PM

Hi folks,

I was wondering if there is a quick way to extract the end of a URL (within the URI portion) and put it in a field.

www.example.com/2014/05/15/world/africa/sudan-christian-woman-apostasy/index.html
www.example.com/test/sudan-christian-woman-apostasy/test.zip

So I would only want index.html and test.zip to show up in a new field.

Hope this is easy to do, it probably is.

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

linu1988
Champion
‎05-15-2014 01:52 PM

Try this

| rex field=fiels_name "\/(?<File>\\w+\\.\\w+)"

Thanks

View solution in original post

Reply
Solved! Jump to solution
Solution

linu1988
Champion
‎05-15-2014 01:52 PM

Try this

| rex field=fiels_name "\/(?<File>\\w+\\.\\w+)"

Thanks

Reply
Solved! Jump to solution

jravida
Communicator
‎05-16-2014 01:06 PM

This works perfect. Thanks for taking the time!

0 Karma
Reply
Get Updates on the Splunk Community!

What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience

What’s New in Splunk Enterprise 9.4: Tools for Digital ResilienceTune in to What’s New in Splunk Enterprise ...

Get Schooled with Splunk Education: Explore Our Latest Courses

At Splunk Education, we’re dedicated to providing incredible learning experiences that cater to every skill ...

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL  The Splunk AI Assistant for SPL ...