Hi Guys ,
I am trying to Pull full URL From cisco ASA Logs and feed it into Phishing Dashboard. I have two problems
index = * 304001 | rex field=_raw "Accessed URL \d+.\d+.\d+.\d+:(?\w+://$)"
*out put is*
I would really appreciate Help
Try using the urldecode function in the eval command. Add this to your search:
| eval url=urldecode(url)