I have splunk logs where there is key word like  <ref>BTB- Abcd1234<ref> as it's primary key for trade reference and I did extract using delemiter <> , and give field name "my_Ref". now if search BTB it showing me all the matching reference as my dashboard search string is like <ref>BTB-*<ref> . now the problem is along with reference i can see some additional line is also getting pick and when is see the event detail my extract field showing that values .  output from search query :  index=in_my "<ref>*$Ref$*<ref> | table my_ref | dedup my_ref 1.BTB-Abcd1 2.BTB-Abvd2 3.]...)Application]true ?.. 4.BTB-Acdg3 5.BTB-Shfhfj4 now I want to ignore the 3."]...)Application]true "value and don't know how.... can someone please help on the same. ... View more