×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
DavideASR
Engager
Member since: ‎10-13-2022
‎01-18-2023
Community Statistics
Posts 3
Solutions 0
Karma Given 5
Karma Received 0
Member Since ‎10-13-2022
Activity Feed
View All

How to extract string between two character @ and ...

by in Splunk Search
‎11-08-2022 02:55 AM
‎11-08-2022 02:55 AM
Hi, I'm trying to extract string "domain.com" from <mail@domain.com> How can i extract string between "@" and ">" ? Thx ... View more
Labels

Re: extract substring from field

by in Splunk Search
‎11-04-2022 06:47 AM
‎11-04-2022 06:47 AM
Ok it helps but isn't the solution, from= Name Surname <name.surname@domain.com> suser= name.surname@domain.com i have to create a field with the substring between <> created_field=name.surname@domain.com extracted in the "from" field  between the <> ... View more

How to extract substring from field?

by in Splunk Search
‎11-04-2022 04:14 AM
‎11-04-2022 04:14 AM
Hi, i'm trying to extract substring from a field1 to create field3 and then match field2 with field3    The search is: index=antispam sourcetype=forcepointmail:sec  | fields msg suser from | where NOT LIKE(suser,"%".from."%") But from=Domain noreply <noreply@domain.com>  suser=noreply@domain.com I need to extract the substring contained between <> in the "from"  field and match field "suser" with "created_field" .   I want to find each mail where the "From" field is different from "suser" field, so I can find spoofed mails on our antispam device.   thx ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎01-18-2023 04:24 PM
Karma given to