Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
169 results
Sorted by:
04-19-2022
08:18 AM
I have two Splunk queries, each of which uses the _rex command to extract the join field.
Example:
QUERY 1
index=index1 "Query1" | rex field=_raw "abc(?<M...
Labels
- Labels:
-
transaction
03-21-2019
04:59 PM
...ut I can easily extract the other fields with rex, as well as the json fields with the spath:
rex field=_raw "Container: (?<field1>AppropriateRex) (?<field2>AppropriateRex) (?<field...
04-29-2021
01:44 PM
...nd running into a challenge simplifying extraction of the date from the AD account creation field: | ldapsearch basedn="XXXXXXXXXXX" search="(&(objectCategory=user)(objectClass=user)(d...
Labels
- Labels:
-
table
08-13-2016
09:06 AM
We are developing a generating custom command using the Splunk Python SDK. The issue we are having is that only those fields exported from the first 'yield' are extracted in future events (so only t...
12-03-2019
08:19 AM
I am trying to extract fields Environment and Service with below search and receiving the error 'SearchParser': Missing a search command before '^'.
I got the rex command from Splunk field extract...
09-26-2019
02:39 PM
Hey guys,
I have a log that contains a lot of data but from that, I want to extract 'program.exe -switch' from the log and create a new field that I can display with table command. I have regex r...
09-20-2017
12:11 PM
I have a field named "content" with multiple values to it as follows
content=value.deva
content=value.devb
" =value.devc ......
I have written a rex expression in my search query ............
- Tags:
- rex
- splunk-enterprise
09-27-2021
01:01 AM
i all I'm tasked with performing an audit of our Splunk (Cloud) Search Heads (2) as many Apps \ Add-Ons have been sporadically installed onto them over the years and problems are occurring. The a...
- Tags:
- apps
Labels
11-07-2012
01:04 PM
...ixed,Policyname - X
I am trying to extract the last three fields from this data, and I can't seem to get it to work. I'm only trying it out in Search first, but am thinking of using an EXTRACT in p...
08-11-2014
01:48 PM
1 Karma
Hello,
I have a problem with splunk search. What I need to do is to do a search from the fields containing CC numbers. I have tried the example from the Splunk tutorial:
| rex field=c...
