Splunk Search

Only show logs where field value has a decimal place

Path Finder

Hi all,

I'm trying to run a search that only finds specific events in a log which have field X equal to a number with a decimal place. Creating the search of simply X>0 returns all log events with any number, which is a good start. Now I'm just looking to filter the results a bit more so only logs having field X equal to any number that has a decimal place will be displayed. What would be the best way to accomplish this?

Thanks.

0 Karma
1 Solution

SplunkTrust
SplunkTrust

This searches for a period anywhere in field myfield, and drops all records that do not have one.

| regex myfield="\."

View solution in original post

0 Karma

SplunkTrust
SplunkTrust

This searches for a period anywhere in field myfield, and drops all records that do not have one.

| regex myfield="\."

View solution in original post

0 Karma

Path Finder

This is exactly what I needed. Thank you!