...lthough, a fallback transform that uses a backreference for unexpected code values would be useful)
I notice that the Splunk docs contain the PCRE2 license, but the transforms.conf docs don't a...
Hi Splunk Gurus... As you can see, non English words length function not working as expected. checked the old posts, documentations, but no luck. any suggestions please. thanks. &...
Hi Team/Community, I'm having an issue with a lookup file. I have a csv with two columns, 1st is named ioc and second is named note. This csv is an intel file created for searching for any visits to...
I have read a lot of different threads and docs but still having trouble pulling what I need out of the below JSON. Essentially want a condensed list of the vulnerabilities data but this JSON nests t...
...s "OK" (correct).
Using Splunk Enterprise 6.5.1 build f74036626f0c, and the regex was generated using RegexBuddy (language PCRE2 10.21 - closest to splunk, and here the correct value is highlighted i...
I can't use the field extractor because the field configurations are frequently very different and it gives me errors so I've been using "| rex" instead.
Can someone help me adjust my regex t...
Hello,
the FORMAT option in transforms.conf can use $n to specify the output of each REGEX match.
(https://docs.splunk.com/Documentation/Splunk/latest/Admin/Transformsconf)
FORMAT = <strin...
Hi, I'm continuously receiving the error Regex: syntax error in subpattern name (missing terminator) when attempting to search with a 'rex' operation. I've gone through several different messa...
Hi All, I am trying to create a regular expression to extract a value from a given log. Below is the log: 2021-10-05 07:25:42.986, DATUM2="3095", STATUS="2", REQUEST_TYPE="103", PRIORITY="300", OWN...