Hello guys I hope you are all having a great week
I work in a hotel chain and we provide transportation services, but unfortunaly for one of the contries where we have bussiness the type of transporation service provided comes in single string and I cant seem to break it down to make sense of it...
The structure of this string goes as follows
tvservice63_U8956
tvservice63_L45
tvservice63_X15
tvservice63_T63
the letter after the "_" represents the type of transportation and the number following is the amount charged
What I want to do is the following
| string | service | BILL |
| tvservice63_U8956 | U | 8956 |
| tvservice63_L45 | L | 45 |
| tvservice63_X15 | X | 15 |
| tvservice63_T63 | T | 63 |
separate the type of service and the amount of the bill I know I can use split or rex to separate by the "_" but Im lost at how to tell splunk to get the letter and the amount charged... thank you so much to those who can help me
