Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

rtrim trims additional symbols

ArsenyKapralov
Path Finder
‎12-15-2014 07:41 AM

Hello

I'm trying to use rtrim to modify dns host name which I receive from domain controller. I'm using following search string:

 | eval HostName=rtrim(HostName,".bankrc.local")

I tested this on hostname "hq-mileshin.bankrc.local" but as a result I receive "hq-mileshi". Can you please help me to fix this and get a proper result: "hq-mileshin"

Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

somesoni2
Revered Legend
‎12-15-2014 08:12 AM

You can use replace function of Splunk for this

e.g.

| gentimes start=-1 | eval HostName="hq-mileshin.bankrc.local"  | replace *.bankrc.local WITH * IN HostName

View solution in original post

Reply
Solved! Jump to solution
Solution

somesoni2
Revered Legend
‎12-15-2014 08:12 AM

You can use replace function of Splunk for this

e.g.

| gentimes start=-1 | eval HostName="hq-mileshin.bankrc.local"  | replace *.bankrc.local WITH * IN HostName
Reply
Get Updates on the Splunk Community!

Database Performance Sidebar Panel Now on APM Database Query Performance & Service ...

We’ve streamlined the troubleshooting experience for database-related service issues by adding a database ...

IM Landing Page Filter - Now Available

We’ve added the capability for you to filter across the summary details on the main Infrastructure Monitoring ...

Dynamic Links from Alerts to IM Navigators - New in Observability Cloud

Splunk continues to improve the troubleshooting experience in Observability Cloud with this latest enhancement ...