Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Highlighted

Using search regex fails when the fieldname is a number

nnachefski
Engager
‎10-19-2010 01:21 PM

So i have this regex:

| regex sy="\S{4,10}"

which works fine. I'm telling it to match only on non-whitespace characters 4 to 10 chars in length.

But, when i change the fieldname to a number the regex fails every time.

| regex 1="\S{4,10}"

I tried the following with no luck:

| regex "1"="\S{4,10}"

| regex "1=\S{4,10}"

Any help would be greatly appreciated.

Tags (2)
0 Karma
Reply
Highlighted

Re: Using search regex fails when the fieldname is a number

araitz
Champion
‎10-19-2010 04:18 PM

Field names cannot begin with a number, so "1" is not a valid field name.

Reply
Speak Up for Splunk Careers!

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.