Re: string fields with numbers to be compared

Hema_Nithya · ‎08-31-2023

I have another issue in comparing and want to compare should_be with server_installed_package . Sometime package installed is higher after patching . Example given below for git version if should_be== server_installed_package , the status should updated as Completed
, Another case if server_installed_packages is greater than shouldbe to mark as complete 2 < 3 , also it should check for if first number is same , it should check for second digits . it should mark as completed , else it should check for the next digit if it is 2. and it should check for another number .

CI	Installed	shouldbe	server_installed_package	Status
server1	git-2.31.1-3.el8_7	git-2.39.3-1.el8_8	git-3.40.3-1.el8_8	Not complete

gcusello · ‎08-31-2023

Hi @Hema_Nithya ,

this check highly depends on the format of the version, so if the format is always the one you shared (git-2.31.1-3.el8_7 and git-2.39.3-1.el8_8), you could use a regex to extract the numeric version:

| rex field=installed ".*(?<version_installed>\d+_\d+)"
| rex field=shouldbe ".*(?<version_shouldbe>\d+_\d+)"

so you can compare them.

Ciao.

Giuseppe

string fields with numbers to be compared

field extraction

regex

subsearch

table

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Event Series: Telemetry Pipeline Management

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Join the Conversation