Quantcast
Channel: Questions in topic: "splunk-enterprise"
Viewing all articles
Browse latest Browse all 47296

How do use Splunk regex and extract data from a comma separted text into a table format?

$
0
0
I am trying to write a search/extract on a below sample type of log file: Sample data is as below (it will repeat across the whole log file, with some other log lines in between: EventTime: 2016-01-01 14:54:22 User: cooluser1 AVGMetrics: 1 Year 99% AVG [33], 10 Year 95% AVG (1Y) [45], 480 Year 90% AVG [48], 690 Year 90% AVG [28], WindowPeriod: 10 Years ExtraParams: None I need to extract portion of the AVGMetrics data as below: _time User AVGMetrics 2016-01-01 14:54:22 cooluser1 1 2016-01-01 14:54:22 cooluser1 10 2016-01-01 14:54:22 cooluser1 480 2016-01-01 14:54:22 cooluser1 690 How do I achieve this, can someone help please?

Viewing all articles
Browse latest Browse all 47296

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>