Splunk Search

Regex to match the price amount in Splunk?

pavanae
Builder

The following are my search results

<Total_Amount_Due>122.34</Total_Amount_Due>
<Total_Amount_Due>2.3</Total_Amount_Due>
<Total_Amount_Due>765.33</Total_Amount_Due>

Now Please suggest me a Regex which displays all the amounts.

Thanks in Advance

0 Karma
1 Solution

somesoni2
SplunkTrust
SplunkTrust

Try this (may need to adjust the

your current search giving above result | rex field=_raw "\<Total_Amount_Due\>(?<Amount[^\<]+)\<\/Total_Amount_Due\>" 

View solution in original post

ppablo
Retired

Hi @pavanae

I'm glad you've been very active here on Answers and have been getting a lot of help from the community, but I also have noticed that you've been posting a lot of question asking for users to just give you regular expressions for your sample data. Have you been trying to write your regular expressions on your own as well? I'd highly recommend you check out this previous Answers post on the various free regex resources you can look into http://answers.splunk.com/answers/153171/is-there-any-online-regex-tool-to-create-regular-e.html Just a reminder that this is a Q&A forum for Splunk specific topics and not just a place to get regular expressions written for you.

0 Karma

pavanae
Builder

ok Thanks 🙂

0 Karma

somesoni2
SplunkTrust
SplunkTrust

Try this (may need to adjust the

your current search giving above result | rex field=_raw "\<Total_Amount_Due\>(?<Amount[^\<]+)\<\/Total_Amount_Due\>" 
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...