Splunk Search

How to extract a field value which have combination of number and special characters?

akarivaratharaj
Communicator

I have a field which have values only with numbers and also with combination of number and special characters as values. I would like to filter the field values where both number and special characters are in it.

Example:
Log 1 -> field1="238_345$345"

Log 2 -> field1="+739-8883

Log 3 -> field1="542.789#298"

Already I have tried in writing regex query but there is no expression to filter out the combination of digits & special characters. (No expression to filter all the special character).

How can I filter and display the field value which have the combination of number and special characters? Could anyone help me on this?

Labels (2)
0 Karma

SinghK
Builder
[+\-0-9#$%^!._?@]

 character class 

0 Karma

PickleRick
SplunkTrust
SplunkTrust

Are you sure you want _any_ special character? How do you even define a special character in this case?

I'd rather go either for any non-space character and use

\S

or explicitly define set of acceptable character using character class. Like

[-0-9#$%^!.?@]
0 Karma
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...