Hi everyone,

I'm struggling with this rex expression:

 query | rex field=source  "/var/syslog*(?<remote_source>\w+)/*.log"

  /var/syslog/name_folder/2015-08-11.log

I need to get the folder name. Could someone please help me to correct this regex?

Thank you a lot! : )