About aliosa

aliosa · ‎08-26-2023

ok thank you.

aliosa · ‎08-25-2023

Hello I use | rex "response: (?s)(?<response>.*)" | spath input=response object3{}.status output=status | table response, status and it works. Any better idea ?

aliosa · ‎08-24-2023

Hello That json come in search response in multiple lines. This is not working for me rex "response: (?<response>.*)" because response is "{". Maybe rex should ignore new line characters (\n) to solve this situation. and response would be all json {....}

aliosa · ‎08-24-2023

Hello I am beginner with Splunk. I made a query and my search result is like text1 text2 text3 response: { "status":"UP", "object1":{ "field1":"name1", "status":"UP" }, "object2":{ "field2":"name2", "status":"UP" }, "object3":{ "object4":{ "field4":"name4", "status":"UP" }, "object5":{ "field5":"name5", "status":"UP" }, "status":"UP" }, "object6":{ "field6":"name6", "status":"UP" } } I want to obtain the value for object3.status for a column of table. How to do this ? With rex field=_raw or spath ? Thank you in advance.

Posts	4
Solutions	0
Karma Given	0
Karma Received	0
Member Since	‎08-24-2023

Online Status	Offline
Date Last Visited	‎08-26-2023 06:59 AM

How to extract value from search response which ha...

Re: How to extract value from search response whic...

Re: How to extract value from search response whic...

Re: How to extract value from search response whic...

How to extract value from search response which ha...

Join the Conversation

How to extract value from search response which ha...

Re: How to extract value from search response whic...

Re: How to extract value from search response whic...

Re: How to extract value from search response whic...

How to extract value from search response which ha...