Solved: Partial Matching

rsathish47 · ‎03-17-2014

Hi all,

How do we check field2 contains field1? Please help.

Field1 Value= CA6

Field2 Value= IA6,CA6,CA8,CA9,CA10,CA7,T7,I6,I7,I10,AP7,AP10

Thanks
Sathish R

lguinn2 · ‎03-17-2014

If Field2 is a multivalued field, this will work

yoursearchhere
| eval n=mvfind(Field2,Field1)
| eval FoundIt = if(isnotnull(n),True,False)

Otherwise, try this

yoursearchhere
| eval FoundIt = if(match(Field2,Field1),True,False)

For either of these solutions to work, Field1 cannot contain any regular expression special characters:

\ ^ $ . | ? * + ( ) [ {

lguinn2 · ‎03-17-2014

If Field2 is a multivalued field, this will work

yoursearchhere
| eval n=mvfind(Field2,Field1)
| eval FoundIt = if(isnotnull(n),True,False)

Otherwise, try this

yoursearchhere
| eval FoundIt = if(match(Field2,Field1),True,False)

For either of these solutions to work, Field1 cannot contain any regular expression special characters:

\ ^ $ . | ? * + ( ) [ {

rsathish47 · ‎03-18-2014

Thanks lguinn.. It worked 🙂

Partial Matching