Hi I want to search the output with sorted result which has output as below
2014.09.08 02:52:07.559,2014.09.08 02:52:06.217,**1342**,jhdlkljkljsdjlkj
I want to sort the result as highlighted number 1342
How can I achive this goal using splunk search
Hi akash_akkis,
if the number you need always occurs after the second , you can use something like this:
,
your base search here | rex "^(?:[^\,]*\,){2}(?<myField>([^\,]*))" | ...
This will get you a new field called myField which can be used further.
myField
hope this helps ...
cheers, MuS
