in regex101.com, tested below REGEX it was working Updated below props.conf and transforms.conf in deployment server and 2 heavy forwarders as well, but not working props.conf [nix:messages] TRAN...
See more...
in regex101.com, tested below REGEX it was working Updated below props.conf and transforms.conf in deployment server and 2 heavy forwarders as well, but not working props.conf [nix:messages] TRANSFORMS-set_host = set_custom_host transforms.conf [set_custom_host] REGEX = /TUC-[^/]+/[^/\n]+/([^-\n]+(?:-[^-\n]+){0,3})-(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})-\d{2}-\d{2}-\d{4}\.log FORMAT = host::$1 DEST_KEY = MetaData:Host /TUC-RST50/OOB/TUC-RST50M01ZTDCGDG01-01U-01-55.66.77.888-20-03-2025.log /TUC-SNK50/OOB/TUC-RST50N03ZTLEFCG02-20U-SRV02-44.55.66.777-21-03-2025.log /TUC-TYB50/OOB/TUC-RST50S03ZTLEFDB0B-20U-SRV01-33.44.55.666-21-03-2025.log /TUC-RST50/firewall/TUC-RST50M01ZTCOMDE0C-30U-EMSFW01-22.33.44.555-22-03-2025.log /TUC-SNK50/OOB/TUC-RST50M01FTIFW-11.22.33.444-22-03-2025.log BELOW output should get updated in the host field TUC-RST50M01ZTDCGDG01-01U-01 TUC-RST50N03ZTLEFCG02-20U-SRV02 TUC-RST50S03ZTLEFDB0B-20U-SRV01 TUC-RST50M01ZTCOMDE0C-30U-EMSFW01 TUC-RST50M01FTIFW