Solved: Help removing strings after a certain string with ...

harshparikhxlrd · ‎10-31-2019

I'm trying to remove characters after a certain string in my search string. I am still getting the strings after "3" appearing after. I only want a 3 to be displayed.

I only want the 3 to show up from "number of supervisor reminder memos sent:" and I want everything after the 3 to remove.

woodcock · ‎10-31-2019

If you would like to get 3 characters, use this:

... | rex "Number of supervisor reminder memos sent:\s*(?<ex>.{3}?)

If you would like to get all characters up to the first character 3, use this:

... | rex "Number of supervisor reminder memos sent:\s*(?<ex>[^3]+?)

View solution in original post

woodcock · ‎10-31-2019

If you would like to get 3 characters, use this:

... | rex "Number of supervisor reminder memos sent:\s*(?<ex>.{3}?)

If you would like to get all characters up to the first character 3, use this:

... | rex "Number of supervisor reminder memos sent:\s*(?<ex>[^3]+?)

nplamondon · ‎10-31-2019

It looks like your post got truncated; I don't see the complete event or your results.

Help removing strings after a certain string with Rex

AI for AppInspect

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Join the Conversation

Help removing strings after a certain string with Rex

AI for AppInspect

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

Operationalizing Entity Risk Score with Enterprise Security 8.3+