Solved: Re: Rex Not Extracting All Data - Page 2

IRHM73 · ‎10-21-2015

HI,

I wonder whether someone could help me please.

I'm trying to extract the first name from the data as shown below:

 [{"name":{"current":{"firstName":"M","lastName":"SMITH"}},"ids":{"nino":"AA111111A"},"dateOfBirth":"26121973"}]

So I've put together the following rex:

rex field="detail.output-cid-response" "\"firstName\":\"(?<cidFName>[^\"]+)"

The problem I have is that although there is data there, it is not extracting the "cidFName" for all the records and to be honest I'm at a loss why.

Could someone perhaps shed some light on where I'm going wrong please.

Many thanks and kind regards

Chris

wpreston · ‎10-21-2015

Can you try this one?

rex field="detail.output-cid-response" "firstName\\\":\\\"(?<cidFName>[^\\]+)\\"

View solution in original post

IRHM73 · ‎10-21-2015

Hi please find a little more of my log:

{"output-cid-response":"[{\"name\":{\"current\":{\"firstName\":\"ESTELLE\",\"lastName\":\"CRICHTON\"}},\"ids\":{\"sautr\":\"2354290204\",\"nino\":\"ZA631419C\"},\"dateOfBirth\":\"04111923\"}]"

I also don't see a problem with Regex, because I've been using Regex101 to check this.

I hope this helps.

Many thanks and kind regards

Chris

renatobamorim · ‎10-21-2015

try use rex field=_raw

Rex Not Extracting All Data

AI for AppInspect

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Join the Conversation

Rex Not Extracting All Data

AI for AppInspect

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

Operationalizing Entity Risk Score with Enterprise Security 8.3+