Solved: How to extract these fields and compare the values...

marcroyer · ‎05-17-2016

Hi,

I have 2 fields. Field1 is named field13 and Field2 is named logical_usage.

Field1 contains "hard" : 1099511627776
Field2 contains "logical" : 664419

I tried to extract values after the : and after a ratio of the usage. That's for a quota ratio.

I tried with | rex, but I didn't find the right way to do it.

Thank you for your precious help.

sundareshr · ‎05-17-2016

This rex command will extract the number.

.... | rex field=field1 "\:\s*(?<field1value>\d+)" | rex field=field2 "\:\s*(?<field2value>\d+)" | table field1value field2value

somesoni2 · ‎05-17-2016

Give this a try as well

your base search | eval Quota_Ratio=tonumber(mvindex(split(logical_usage," "),-1))/tonumber(mvindex(split(field13," "),-1))

sundareshr · ‎05-17-2016

This rex command will extract the number.

.... | rex field=field1 "\:\s*(?<field1value>\d+)" | rex field=field2 "\:\s*(?<field2value>\d+)" | table field1value field2value

marcroyer · ‎05-17-2016

Hi Guys,

Thank you very much !!! It's working as expected.

How to extract these fields and compare the values?