Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
346 results
Sorted by:
03-23-2015
10:26 AM
...ourcetype
During an inline search, those three extracted fields populate the table with integer values, as expected. I then update the field extractions for the sourcetype of postfix_syslog to include t...
12-02-2021
09:50 AM
Hello, How would I implement inline or Uses Transform Field extraction (please see screenshot below) for following event (please see sample event below). Any help will be highly appreciated, thank y...
Labels
- Labels:
-
field extraction
08-19-2010
06:45 PM
4 Karma
...lace doesn't follow this paradigm. We especially have a lot of DELIMS/FIELDS-based field extractions, and I'm not clear on where we stand with these, especially since there's no obvious way to configure...
02-22-2017
02:21 PM
1 Karma
I am walking through the Cisco app and I noticed that there are a lot different ways fields are being extracted. It looks like there are many inline extractions and others referencing a transform, a...
10-11-2013
05:43 PM
I'm not a big regex power yet, I know this is easy, but since it is not on a system I can't test and figure out myself I'm looking for expert assistance.
Can someone provide a search rex that will ...
- Tags:
- rex
01-20-2016
04:52 AM
...s how my field extraction looks, it is assigned to the correct index and is an "inline" extraction.
CommandOutcome[^<>]*><[^<>]*>(?<CommandOutcome>[^<>]*) in X...
11-19-2012
04:33 PM
I'm trying to setup Splunk to understand CloudFront log files.
I've setup a field extraction like this:
^(?<DATE>[\\S]+)\\t(?<TIME>[\\S]+)\\t(?<CF_SERVER>[\\S]+)\\t(?<B...
- Tags:
- cloudfront
- search
07-08-2014
03:27 PM
1 Karma
I have a regex I am using to extract exception from a java stacktrace to get for error analysis. It would be much better to do this as a configured field extract so I can use it in lookups instead o...
02-26-2013
06:49 AM
...Some.Component-log4net.log
I've been able to extract just the filename, excluding the optional GUID, using rex inline, e.g.:
index=prod rex field=source "^.\\([0-9a-f]{8}-[0-9a-f]{4}-[0-9...
- Tags:
- extracting
- regex
- rex
01-20-2011
07:16 PM
Hello,
I have a scheduled search which sends out alerts when certain criteria matches. Currently the results are sent inline in the email. Is there a way to send the results in csv format as a a...
