I've got wmic logfiles which look like this:
Name Vendor Version
Java 8 Update 172 (64-bit) Oracle Corporation 8.0.1720.11
Java 8 Update 181 Oracle Corporation 8.0.1810.15
Java Auto Updater Oracle Corporation 2.8.172.11
![alt text][1]
- Header is always the same
- The logs can have more than one row (some have up to 5)
- The actual data rows are always separated by two or more whitespaces
What's the proper way to extract the fields? I managed to extract the first row using rex - but then all other rows are ignored. Using multiple piped rex would result in having multiple field names (Name1, Name2, Name3 etc) for each row.
**| rex field=_raw "^(\\w+\\s+)+(?P\\w+\\s+\\d+\\s+\\w+\\s+\\d+)\\s+(?P\\w+\\s+\\w+)\\s+(?P[^ ]+)"**
Thank you!
[1]: /storage/temp/257601-2018-11-13-10-27-33-fff058w-oracle-java-removerlog.png
↧