Hi all,
I just started discovering Splunk. I am extracting a file containing JSON data. The data looks something like this:
"DevEUI_uplink": {
"AckRequested": "1",
"DevLrrCnt": "5",
"rawMacCommands": "",
"Late": "0",
"ADRbit": "1",
"LrrLON": "6.440177",
"payload_hex": "00a0723a032805af1eb9006d4a9b000000",
"Channel": "LC1",
"FPort": "4",
"DevAddr": "15293375"
It's a lot longer but you get the idea. Splunk extracts the field fine however "payload_hex" contains data that needs to be extracted into multiple fields. For example the last for characters will be the temperature. Is it possible to do this? If so, where would I do this and how?
EDIT: suggestions about where to learn this or specific tutorials are welcome as well.
Any help is much appreciated!
... View more