Hello,
I am trying to extract fields using Splunk field extractor and I reached a point where I got the following error " The extraction failed. If you are extracting multiple fields, try removing one or more fields. Start with extractions that are embedded within longer text strings."
The most common solution found on this forum is to write my own regular expression manually.
This is a sample log from which I need to extract the field "process_sha256":
process_sha256":"fa03997f62beaf057023e5627881ecd4829e3c8383fd44b33f5e30a47ba25e31","processblock_count":0,"regmod_count":3,"segment_id":"1568367814899","start":"2019-09-13T09:41:19.404Z"
Does anyone have an idea what could be the proper regular expression to insert in the field extractor?
Thank you
... View more