Hey there!
I am wondering if it is possible to create a regex for field extration which extracts a string, but at the same time, leaves out part of the string.
Let's say there is a logline with:
IP: 111.222.111.222
Now the extracted field should capture the IP, but without the dots (so the result should be "111222111222"). Is this even possible right at field extraction?
Can you skip certain elements? Or can you extract each segment and then combine them somehow?
Faik you can exclude with [^ ] but then you basically skip the whole entry and get nothing if this character occurs, which is not what I want. I want to identify the whole string, but then just capture just elements of it.
Thank you!
↧