Hi all,
I want to extract Hostname, date and time from the log. Kindly help.
Sample log:
Mar 12 09:13:46 hostname1 <118>1 2019-03-12T09:13:46.743+00:00 ip.address
Hostname Date Time
hostname1 2019-03-12 09:13:46
Hi @paullt12345
Try like this:
| makeresults
| eval log="Mar 12 09:13:46 hostname1 <118>1 2019-03-12T09:13:46.743+00:00 ip.address"
| rex field=log ":\d{2}\s+(?P<Hostname>.+)\s+<.*(?P<Date>\d{4}\-\d{2}\-\d{2})T(?P<Time>\d{2}\:\d{2}\:\d{2})"
It works, thanks.
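The pattern from the answer above, run in Python against the question's sample line and two constructed lines, next to a stricter anchored variant. This is an added example, not part of the original thread: `STRICT_RE`, `extract` and the constructed lines are assumptions, and the strict pattern assumes every event starts with the same timestamp, host and `<PRI>VERSION` layout as the sample.

```python
import re

# Pattern from the answer above, unchanged (Python's re accepts the same
# named-group syntax).
ANSWER_RE = re.compile(
    r":\d{2}\s+(?P<Hostname>.+)\s+<.*(?P<Date>\d{4}\-\d{2}\-\d{2})T(?P<Time>\d{2}\:\d{2}\:\d{2})"
)

# Stricter variant (an assumption, not from the thread): anchored at line start,
# hostname limited to one whitespace-free token, and the <PRI>VERSION field
# matched explicitly so the date must be the one directly after it.
STRICT_RE = re.compile(
    r"^[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2}\s+"
    r"(?P<Hostname>\S+)\s+<\d{1,3}>\d+\s+"
    r"(?P<Date>\d{4}-\d{2}-\d{2})T(?P<Time>\d{2}:\d{2}:\d{2})"
)

FIELDS = ("Hostname", "Date", "Time")


def extract(pattern, line):
    """Return (Hostname, Date, Time), or None when the line does not match."""
    m = pattern.search(line)
    return tuple(m.group(f) for f in FIELDS) if m else None


# SAMPLE is the line from the question; NOISY and MALFORMED are constructed.
SAMPLE = "Mar 12 09:13:46 hostname1 <118>1 2019-03-12T09:13:46.743+00:00 ip.address"
# Free-form message text containing " <" and a second ISO timestamp.
NOISY = SAMPLE + " job <id 7> rescheduled for 2019-03-13T00:00:00"
# No <PRI>VERSION header at all.
MALFORMED = "Mar 12 09:13:46 hostname1 no header here"

if __name__ == "__main__":
    cases = (("sample", SAMPLE), ("noisy", NOISY), ("malformed", MALFORMED))
    for name, line in cases:
        print(name)
        print("  answer:", extract(ANSWER_RE, line))
        print("  strict:", extract(STRICT_RE, line))
```

On the constructed noisy line, the greedy `.+` and `.*` in the answer's pattern backtrack to the last ` <` and the last timestamp in the event, so the hostname field swallows part of the message and the date and time come from the message text rather than the header.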