Hi guys,
I'm a complete newbie when it comes to RegEx, but I was wondering if someone could please advise on how I could extract the name of the device from the following string?
"hostname"="iPhone"
The syslog I am using has every data point in the same format, and I would like to make sure that Splunk correctly identifies the hostname each time. The built-in field extraction tool could recognise the term 'iPhone' but not something like 'DESKTOP-8HGF56' for example. I need it to be 100% every time, so perhaps a regex term could let anything between "hostname"="xxxx" be extracted?
Any advice would be greatly appreciated, thank you!
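An added example, not part of the original post: a pattern that anchors on the literal `"hostname"="` and captures everything up to the next double quote, checked here in Python against constructed events. The sample lines, the other key names and the function names are assumptions; only the `"hostname"="..."` layout comes from the post. In Splunk the same pattern goes into `rex` with the PCRE group spelling: `| rex field=_raw "\"hostname\"=\"(?<hostname>[^\"]+)\""`.

```python
import re

# The capture is "anything that is not a double quote", so it does not depend
# on what the device name looks like (letters, digits, hyphens, spaces).
# The leading quote is part of the match, so a key that merely ends in
# "hostname" (for example "dhcp_hostname") is not picked up by mistake.
HOSTNAME_RE = re.compile(r'"hostname"="(?P<hostname>[^"]+)"')

# Constructed sample events; only the "key"="value" layout is from the post.
SAMPLE_EVENTS = [
    '<134>Jan 10 09:14:02 ap01 "mac"="aa:bb:cc:dd:ee:01" "hostname"="iPhone" "ssid"="corp"',
    '<134>Jan 10 09:14:07 ap01 "mac"="aa:bb:cc:dd:ee:02" "hostname"="DESKTOP-8HGF56" "ssid"="corp"',
    '<134>Jan 10 09:14:09 ap01 "dhcp_hostname"="printer-3" "ssid"="guest"',
    '<134>Jan 10 09:14:11 ap01 "mac"="aa:bb:cc:dd:ee:04" "hostname"="" "ssid"="guest"',
]


def extract_hostname(event):
    """Return the value of the "hostname" key, or None if it is absent or empty."""
    match = HOSTNAME_RE.search(event)
    return match.group("hostname") if match else None


def extract_all(events):
    """Apply extract_hostname to every event, keeping the input order."""
    return [extract_hostname(event) for event in events]


if __name__ == "__main__":
    for event, host in zip(SAMPLE_EVENTS, extract_all(SAMPLE_EVENTS)):
        print(f"{host!r:20} <- {event}")
```

Events with no `"hostname"` key or an empty value yield no field rather than a wrong one, which is the behaviour to want when searches or alerts later filter on that field.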