Hi SPlunkers,

I am newbee with REX. Can someone please assist us in extracting this field?

We need to extract rvasbac07.server.com from our event to a field, below is a sample event:

request_time=254.164934158 response_code=200 match="123 OnMessage (v1.1) - rvasbac07.server.com (split by Agent Host)" match=2241.62 match=rvasbac07.server.com match=2241.62 raw_match_count=4 encoding=UTF-8 response_size=11789

Thanks