Solved: how to extract a string before the @ symbol from a...

pavanae · ‎02-10-2020

I have the username filed extraction as follows in the props.conf which extracts the email address:-

 [sourcetype_X]
 EXTRACT-XYZ = username="(?<user>[^+\"]*)"

which extracts the field as follows

 x12345@abc-def-ghij-01.com
 y67891@klm-def-ghij-01.com
 z45787@abc-def-ghij-01.com
 ABC-DEF

Now what would be regex stanza to extract the username as follows from the above

x12345
 y67891
 z45787
 ABC-DEF

nickhills · ‎02-10-2020

Hi @pavanae
Try this:

[sourcetype_X]
EXTRACT-UVW = emailUser="(?<emailUser>[^\@]+)"

If my comment helps, please give it a thumbs up!

Vijeta · ‎02-10-2020

You can extract the name as below

[sourcetype_X]
  EXTRACT-XYZ = username="(?<name>[^+\"]*)@"

nickhills · ‎02-10-2020

Hi @pavanae
Try this:

[sourcetype_X]
EXTRACT-UVW = emailUser="(?<emailUser>[^\@]+)"

If my comment helps, please give it a thumbs up!

how to extract a string before the @ symbol from an email adress?