Solved: Re: Only show logs where field value has a decimal...

bcarr12 · ‎10-17-2017

Hi all,

I'm trying to run a search that only finds specific events in a log which have field X equal to a number with a decimal place. Creating the search of simply X>0 returns all log events with any number, which is a good start. Now I'm just looking to filter the results a bit more so only logs having field X equal to any number that has a decimal place will be displayed. What would be the best way to accomplish this?

Thanks.

DalJeanis · ‎10-17-2017

This searches for a period anywhere in field myfield, and drops all records that do not have one.

| regex myfield="\."

View solution in original post

DalJeanis · ‎10-17-2017

This searches for a period anywhere in field myfield, and drops all records that do not have one.

| regex myfield="\."

bcarr12 · ‎10-17-2017

This is exactly what I needed. Thank you!

Only show logs where field value has a decimal place

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Join the Conversation