Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What special characters are available for use with rex and regex and what are their functions?

satya2p
Path Finder
‎02-10-2015 11:16 AM

I see a variety of letters being used like w,n,d,s etc. pls help me to understand what characters are available to use and what these characters stand for in these queries.

rex field=_raw=AnyKeyord "(?*w+)"
rex field=_raw=AnyKeyord "(?**n+)"
regex AnyKeyord=\d+*
regex AnyKeyord=\n+

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ppablo
Retired
‎02-10-2015 11:21 AM

Hi @satya2p

Have you taken a look at the Splunk documentation on regular expressions? It also covers the different character types:
http://docs.splunk.com/Documentation/Splunk/6.2.1/Knowledge/AboutSplunkregularexpressions

View solution in original post

Reply
Solved! Jump to solution

dwaddle
SplunkTrust
SplunkTrust
‎02-10-2015 12:29 PM 
man pcrepattern
Reply
Solved! Jump to solution

rlough
Path Finder
‎02-10-2015 12:24 PM

Do you have a specific task you're trying to achieve?

0 Karma
Reply
Solved! Jump to solution

alacercogitatus
SplunkTrust
SplunkTrust
‎02-10-2015 11:21 AM

Surely, me thought upon sitting to review the site of answers from Splunktonia, Surely this question would be answered? But nay, none dare tackle the daunting task of defining regex. But hark! A hero, in the distance! Although he be of simple stature, and average girth, he brought much knowledge and wisdom. He therefore sayeth: Yon @satya2p, hereupon receiving these words of written ideas, perhaps you should navigate towards the aforementioned site of destiny! http://www.regular-expressions.info/tutorial.html This "tutorial" gives many ideas and explanations that shall explain the nature of a regex and what "w", "n" and the like express! Enjoy thusly!

Reply
Solved! Jump to solution

KindaWorking
Path Finder
‎02-10-2015 01:00 PM

Just to follow on from the witty alacercogitatus. Another tutorial I found very handy is:
http://regexone.com/

As for testing that your regex expression is correct, check out:
https://regex101.com/

The second link I gave you I still use to this day and will continue to use it no matter how proficient I get with regex.

Reply
Solved! Jump to solution
Solution

ppablo
Retired
‎02-10-2015 11:21 AM

Hi @satya2p

Have you taken a look at the Splunk documentation on regular expressions? It also covers the different character types:
http://docs.splunk.com/Documentation/Splunk/6.2.1/Knowledge/AboutSplunkregularexpressions

Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...