I am getting an error when using the following regex (?<=on\s)(.*)(?=\sby Firewall Settings) The error is "Error in 'rex' command: regex="(?<=on\s)(.*)(?<HostName>.*)(?=\sby F...
Hi Splunkers! I would like to extract detection_method value, "Access Protection" file_name="HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM\", detection_method="Acces...
Hi
I need help to extract and to filter fields with rex and regex
1) I need to use a rex field on path which ends with ".exe"
Example: in path C:\ProgramFiles\Toto\alert.exe I need to catch "a...
...hars prefixed with 999 might be in a different place in the field. i.e. blah_blah_6chars_blah 6chars example value=999aaa so the regex should find all occurrences of 999 in the f...
When writing regex, where in the regex string am I supposed to add the (?<new_field>) string? I have included a sample regex string below, where in this string would I add (?<new_field>...
Hello Team,
Can anyone help me with the extraction of a new field?
input: site: mclaudelinemugasqiln.platinilemu.com:1227
site is a field
domain is mclaudelinemugasqiln.plati...
...alues(Ldap_group) AS Ldap_group by elid, full_name
The regex I wrote only gave me a few values, not all of them. I wanted all values in Ldap_group to be written separately in different rows ....
...equested etypes : 18 17 3. The accounts available etypes : 23. Changing or resetting the password of XXX-G-Dashboard-Dev will generate a proper key.
What is the regex to extract words in red? Thanks.
Hello Splunk Community,
I'm trying to extract fields from the CloudWatch events like 1) region 2) arn 3) startTime 4) endTime 5) eventTypeCode 6) latestDescription from an event. The regex w...