Hi.

I'd like to rex a field that starts with another field value.

EX:

****Data

UA=Mozilla/5.0 (Linux; Android 4.0.3; GT-I9100 Build/IML74K) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Mobile Safari/535.19
AV=18.0.1025

****Desired

AV2=18.0.1025.166

****Search

| inputlookup VERSION.csv
| rex field=UA "<AV>.(?<AV1>\d+)\s"
| eval AV2=AV+"."+AV1
| eval AV2=if(isnull(AV2),AV,AV2)