Solved: Writing rex to grep a value from the field

nivethainspire_ · ‎02-15-2017

I have 3 different values to be extracted. Please help me in writing rex command

here is the field values
name="ascd23:deo"
name="adcs44.sys.com"
name="aswdc-w.foul.com"

I need values as below
name=ascd23
name=adcs44
name=aswdc-w
I need a rex command

martin_mueller · ‎02-15-2017

So... everything before the first dot or colon, not including quotes?

If you already have the name field key-value-extracted, try this:

... | rex field=name "^(?<name>[^.:]+)"

If you don't already have the name field, try this:

... | rex "name=\"(?<name>[^.:\"]+)"

martin_mueller · ‎02-15-2017

So... everything before the first dot or colon, not including quotes?

If you already have the name field key-value-extracted, try this:

... | rex field=name "^(?<name>[^.:]+)"

If you don't already have the name field, try this:

... | rex "name=\"(?<name>[^.:\"]+)"

Writing rex to grep a value from the field