Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What special characters are available for use with rex and regex and what are their functions?

satya2p
Path Finder
‎02-10-2015 11:16 AM

I see a variety of letters being used like w,n,d,s etc. pls help me to understand what characters are available to use and what these characters stand for in these queries.

rex field=_raw=AnyKeyord "(?*w+)"
rex field=_raw=AnyKeyord "(?**n+)"
regex AnyKeyord=\d+*
regex AnyKeyord=\n+

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ppablo
Retired
‎02-10-2015 11:21 AM

Hi @satya2p

Have you taken a look at the Splunk documentation on regular expressions? It also covers the different character types:
http://docs.splunk.com/Documentation/Splunk/6.2.1/Knowledge/AboutSplunkregularexpressions

View solution in original post

Reply
Solved! Jump to solution

dwaddle
SplunkTrust
SplunkTrust
‎02-10-2015 12:29 PM 
man pcrepattern
Reply
Solved! Jump to solution

rlough
Path Finder
‎02-10-2015 12:24 PM

Do you have a specific task you're trying to achieve?

0 Karma
Reply
Solved! Jump to solution

alacercogitatus
SplunkTrust
SplunkTrust
‎02-10-2015 11:21 AM

Surely, me thought upon sitting to review the site of answers from Splunktonia, Surely this question would be answered? But nay, none dare tackle the daunting task of defining regex. But hark! A hero, in the distance! Although he be of simple stature, and average girth, he brought much knowledge and wisdom. He therefore sayeth: Yon @satya2p, hereupon receiving these words of written ideas, perhaps you should navigate towards the aforementioned site of destiny! http://www.regular-expressions.info/tutorial.html This "tutorial" gives many ideas and explanations that shall explain the nature of a regex and what "w", "n" and the like express! Enjoy thusly!

Reply
Solved! Jump to solution

KindaWorking
Path Finder
‎02-10-2015 01:00 PM

Just to follow on from the witty alacercogitatus. Another tutorial I found very handy is:
http://regexone.com/

As for testing that your regex expression is correct, check out:
https://regex101.com/

The second link I gave you I still use to this day and will continue to use it no matter how proficient I get with regex.

Reply
Solved! Jump to solution
Solution

ppablo
Retired
‎02-10-2015 11:21 AM

Hi @satya2p

Have you taken a look at the Splunk documentation on regular expressions? It also covers the different character types:
http://docs.splunk.com/Documentation/Splunk/6.2.1/Knowledge/AboutSplunkregularexpressions

Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...