Hi all,
In certain search, Splunk returns DNS hostnames, for example:
a.monetate.net.akadns.net
evsecure-ocsp.verisign.com
To facilitate sorting, I'd like to have the names displayed in reverse order across the dots, e.g.:
net.akadns.net.monetate.a
com.verisign.evsecure-ocsp
I've found some examples that suggest how to change word order but Splunk rejects it during search:
sourcetype=dns | rex field=domain mode=sed "s/\n/!G;s/\(.\)\(.*\n\)/&\2\1/;//D;s/.//"
Yields: Error in 'rex' command: Failed to initialize sed. Invalid option string: (.)(.*\n)/&\2\1/;//D;s/.//
Ideas?
folkstalk [dot] com/2011/12/methods-to-reverse-string-using-unix.html
programmingforums [dot] org/post188712.html
... View more