how to extract fields using regex

umsundar2015 · ‎04-13-2018

I have the below values in a field ,

Sadf123.dfd.com
er-md-kt-mgmt.com
feb-fe345@tbm.com

I need to extract the values like below ,
Sadf123
er-md-kt
feb-fe345

Can anyone help me to extract this

493669 · ‎04-13-2018

Hi @umsundar2015,
Try This:

...|rex "(?<string>\S+)[\.|\-|@]\w+\.com"

umsundar2015 · ‎04-13-2018

thank you .

String here means the field name rit ?

493669 · ‎04-13-2018

string is the field name to be extracted...
here I assume that before your .com you need to extract till any special characters(like . or - or @) comes...
Please provide your raw data where it wont work
have a look at regex101 which is helpful site for trial https://regex101.com/r/088pwQ/1

umsundar2015 · ‎04-13-2018

This is not working , it displays values like
wkspfbtl18.devqa

Can you please help with other regex

how to extract fields using regex

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Join the Conversation

how to extract fields using regex

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions