I've below Splunk log and trying to get stats count based on consumer_application. I've tried below regular expression but no results were returned -
Splunk Query: "uri":* (PaymentVerticle) | rex field=_raw "consumer_application\"\:\"(?P<Consumer>.*?)\"" | stats count by Consumer
Splunk Log 2021-04-22T11:31:25.115912284Z app_name=java message={"name":"PaymentVerticle", "timestamp":"2021-04-22T11:31:25.115Z","level":"info","schemaVersion":"0.1","application":{"name":"PaymentVerticle","version":"1.1.1"},"request":{"address":{"uri":"PaymentVerticle"},"metadata":{"correlation_id":"042320210010GMT"}},"message":"Received request with body {\"payment_request\":{\"consumer_application\":\"BLUEPRISM\"}}"}
