×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
FrisbeeGolfer
Engager
Member since: ‎03-05-2021
‎10-22-2021
Community Statistics
Posts 1
Solutions 0
Karma Given 2
Karma Received 0
Member Since ‎03-05-2021
Topics I've Started
No posts to display.
View All

Re: What would be the best regex syntax to filter ...

by in All Apps and Add-ons
‎03-05-2021 04:46 PM
‎03-05-2021 04:46 PM
Sorry for the thread necro, but I wanted to post a solution I developed today to this issue since I didn't find any examples of this anywhere else. The following negative regex lookahead excludes these 3 IP's as an example. It's very easy to modify for your own list. IP's excluded: 127.0.0.1, 192.168.0.1, 192.168.0.254 remoteAddress = ^(?!127\.0\.0\.1|192\.168\.0\.(1|254)).+$ Implemented today via the Splunk_TA_Windows inputs.conf on a test Windows universal forwarder. Seems to be doing the trick. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎10-22-2021 05:02 PM
Karma given to
View All