Re: Replace string

john · ‎03-15-2012

I want to replace (" ") in my xml file to single (").Since there is some misplace of double codes in my whole file.So please help
<?xml version=""1.0"" encoding=""ISO-9000-1"" ?>

gooza · ‎03-15-2012

try:

yoursearch | rex mode=sed "s/\"\"/\"/g"

john · ‎03-16-2012

Thanks gooza.its working

kjamsheed · ‎04-08-2016

works for me as well

Michael · ‎01-14-2015

I had to add the field name to make mine work:
(replacing + with a space in my case)

rex mode=sed field=search_term_used "s/+/ /g"

Also, in my case I had to escape the +

weird, when I post this comment, the rex line looses the escape character .

Livia · ‎03-15-2012

Have you tried to open the xml file with an editor, most of them have a find an replace function.

john · ‎03-15-2012

I should not replace any values manually in the file.I meant i want to replace that double codes during time of search only since it should not make any permanent change in xml file.Can u suggest any search query for that

meenal901 · ‎04-08-2016

You can try replace function of eval for a single field

eval n=replace(date, "^(\d{1,2})/(\d{1,2})/", "\2/\1/")

Else rex will solve your problem 100%

rex mode=sed "s/\"\"/\"/g"

Replace string

Aligning Observability Costs with Business Value: Practical Strategies

Mastering Data Pipelines: Unlocking Value with Splunk

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

Are you a member of the Splunk Community?

Replace string

Aligning Observability Costs with Business Value: Practical Strategies

Mastering Data Pipelines: Unlocking Value with Splunk

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0