Hi everyone, I have create aregularexpression query that match in a long list of pathname 1 specific folder, and next cut everything that there is after this folder:
index=main " | rex "\s...
...ETWEEN ANGLE BRACKETS \d+)"
Then I have a new fieldauxTranID with the proper numeric value.
If I go to the addattribute feature in the datamodel definition and I adda rex expression selecting t...
I'm adding a CSV using the "Add Data" GUI in Splunk 6.2. When I get to the Input Settings page, I have the option to specify a "Regularexpression on path" to define the Host field. However, I have n...
...t;object_name>[^\"]+)"
I now get in addition to the above:
domain=DOMAIN
object_name=AD-SecurityGroup
This is exactly what I want, but when I add it to afield extraction on the s...
Hi all,
I have aregularexpression ^(.*)bytes read (?P\d+) written (?P\d+)$ , where i edited the proper regularexpression from afield to this to get output of particular users info to read t...
...written 317555. I added a name field for it as ACTIVITY. The regularexpression i can get is ^(?:[^ \n]* ){7}(?P.+)
How can i change the name ACTIVITY into a proper regularexpression to get b...
I want to make a usecase that will detect the usage of several destination port numbers. For this, I think it's easiest to use aregularexpression. But I'm not sure. I'm also having trouble i...
...roperly, at moment I tried the delimiters but it doesn't work with : I believe I will have to write an regularexpression (this is where I got stuck as I have no clue how...) Basically what I...
...43ms, 8s30ms, 11s404ms
How would I extract the seconds portion, convert it into ms and add it to ms so that I can get the upload time always in ms please?
...ame is cpu , the type is regex-based with the regularexpression ^.*/cpu-([0-9]+)/ and the source key source . According to the form, the default format ( <transform_stanza_name>::$1 ) s...