Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Highlighted

Using search regex fails when the fieldname is a number

nnachefski
Engager
‎10-19-2010 01:21 PM

So i have this regex:

| regex sy="\S{4,10}"

which works fine. I'm telling it to match only on non-whitespace characters 4 to 10 chars in length.

But, when i change the fieldname to a number the regex fails every time.

| regex 1="\S{4,10}"

I tried the following with no luck:

| regex "1"="\S{4,10}"

| regex "1=\S{4,10}"

Any help would be greatly appreciated.

Tags (2)
0 Karma
Reply
Highlighted

Re: Using search regex fails when the fieldname is a number

araitz
Splunk Employee
Splunk Employee
‎10-19-2010 04:18 PM

Field names cannot begin with a number, so "1" is not a valid field name.

Reply