Hi
How can I extract first occured this "User ABC123 invalid" with rex?
Here is the log:
2021-10-03 13:26:44,441 ERROR [APP] User ABC123 invalid: javax.security.auth.login.LoginException: User ABC123 invalid
Thanks,
| rex "\]\s(?<error>[^:]+):"
View solution in original post
Hi @indeed_2000,
if your want to extract the message after "LoginException", you could use the following regex:
| rex "LoginException:\s+(?<message>.*)"
that you can test at https://regex101.com/r/Gz7glo/1
Ciao.
Giuseppe
Doesn't this give the second occurrence not the first?
