Solved: How to apply regex to a field in lookup file?

pavanae · ‎10-31-2017

I have a lookup file query as follows

| inputlookup ABCD.csv which displays the results as follows

Host

efgh
ijkl.mno.com
pqrs.tuv.net
wxyz

Now how can i add a regex to display only the hostname and avoid the extra string which ever after the dot(.). I just want to apply the regex to display the result as follows

Host

efgh
ijkl
pqrs
wxyz

somesoni2 · ‎10-31-2017

Assuming you just want to manipulate the result of the search | inputlookup ABCD.csv, try like this

| inputlookup ABCD.csv | eval Host=mvindex(split(Host,"."),0)

OR

| inputlookup ABCD.csv | rex field=Host "^(?<Host>[^\.]+)"

View solution in original post

somesoni2 · ‎10-31-2017

Assuming you just want to manipulate the result of the search | inputlookup ABCD.csv, try like this

| inputlookup ABCD.csv | eval Host=mvindex(split(Host,"."),0)

OR

| inputlookup ABCD.csv | rex field=Host "^(?<Host>[^\.]+)"

How to apply regex to a field in lookup file?

Index This | I’m short for "configuration file.” What am I?

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...

Your Guide to SPL2 at .conf24!