Jul 25, 2023 · Solved: Hi I need help to extract and to filter fields with rex and regex 1) i need to use a rex field on path wich end by ".exe" Example :

Dec 8, 2023 · Solved: Looking for help with this rex command. I want to capture the continuous string after "invalid user" whether it has special

Mar 5, 2025 · Hi , at first, please in addition to the screenshots, add also the code and a sample of your logs in text format using the "Add/Edit Code sample" button. Then, if you are doing an …

Jul 8, 2021 · Hi @subspacefield , if that is exactly how you have in your search then there are 2 issues. for rex - you need to tell it what to look at: Rex works as you would read something - …

Dec 2, 2020 · Hi all, I am having data as follows: REPORT RequestId: xxxx2722-xx0d-xx35-95xx-xxxxxxb6b2e1 i want a field as CorrelationId3 which is having xxxx2722-xx0d-xx35-95xx …

Feb 7, 2020 · Hi have a scenario, where I would like to extract the field OfferCode which has space after and before the code: OfferCode : XYZAQERWSD Please help with rex command …

Feb 8, 2021 · Solved: Hi all, I'm new to splunk searches and would appreciate some help to find out how to pull out the file path, file name and file extension

Jul 2, 2018 · Solved: How do I write a rex command to extract from up to a particular delimiter (such as comma) or (if there is no delimiter) to the end of string?

Oct 25, 2021 · Hi There, I have a query that I use to extract all database modifications. However, I want to exclude SELECT from capturing via this query. I want to extract only INSERT, …

Sep 18, 2014 · How to use rex command to extract two fields and chart the count for both in one search query?