Hi All,

I am trying to extract fields using spath command. I noticed that fields with period in it cannot be extracted; as for the other fields without period are being extracted correctly.

(EXAMPLE FIELDS: action.email AND alert.suppress.period)

Is there any workaround for this? Any help would be much appreciated. Thanks!

Here is my script:

| rest /servicesNS/nobody/SA-ITOA/event_management_interface/correlation_search
| eval value=spath(value,"{}")
| mvexpand value
| eval name = spath(value, "name")
| eval search = spath(value, "search")
| eval schedule = spath(value, "cron_schedule")
| eval status = spath(value, "disabled")
| eval send_email = spath(value, "action.email")
| eval suppress_period = spath(value, "alert.suppress.period")
| fields name, search, schedule, status, send_email, suppress_period