Questions tagged [rex]

(R)?ex is a server orchestration tool. Use the rexx tag if you want to refer to the REXX programming language.

(R)?ex is a server orchestration tool that doesn't need an agent on the hosts you want to manage. In fact it uses ssh to execute the given commands.

To use (R)?ex you don't need Perl knowledge at first. (R)?ex uses a simple DSL to describe your servers. Indeed, it is also possible to use (R)?ex from within your shell scripts without using perl at all.

In fact, if you know a little bit perl it won't hurt you.

The starting point of every (R)?ex project is the so called Rexfile. You can think of this file like a Makefile. You can define tasks in this file.

A task is a bunch of related commands. For example installing a package, uploading the configuration file and starting the service. You can also call tasks from other tasks or create rollback scenarios if something went wrong during the execution.

38 questions

votes

2 answers

splunk rex command to search exception and count the error codes

I have raw data which looks something like this : [6/24/22 6:45:20:277 IST] 000005d4 Output O abcd-ddd-dd.ppp1.ttttttt.net sys 2022-06-24T06:45:20,277 WARN [Server.BatchProcess] Limoc Input : Exception occurred: 100 COMPRESS 'success'…

splunk rex

asked Jul 19 '22 at 15:10

Diksha

votes

1 answer

Extracting multi values with regex ( Only values, Not Fieldname )

Can someone help me with this regex? I would like to extract either 1. or 2. 1. (2624594000) 303 days, 18:32:20.00 <-- Timeticks .1.3.6.1.4.1.14179.2.6.3.39. <-- OID Hex-STRING: 54 4A 00 C8 73 70 <-- Hex-STRING (need "Hex-STRING" ifself…

regex splunk rex

asked Feb 01 '22 at 10:50

Mint

votes

2 answers

Splunk rex expression to remove comma if present in json file

I have stuck in a small issue where I need to remove last character "," ( if present) from JSON log file. I am using it in Splunk. It seems simple and I was hoping my regex will work but its not working. My Attempts : 1. s/$,$$?//g 2. s/,$//g 3.…

regex sed splunk rex

asked Oct 06 '21 at 09:25

Ankit Goyal

votes

1 answer

JSON Extraction from Splunk log

I have a requirement where i need to extract part of JSON code from splunk log and assign that field to spath for further results My regex is working in regex101 but not in splunk below is log snippet --looking to grab the JSON code starting from…

json regex splunk splunk-query rex

asked Aug 26 '21 at 21:55

Rczone

votes

1 answer

Similarity score to filter dataframe columns in pandas

I have a pandas dataframe, df with the following column names columns = ['Baillie Gifford Positive Change Fund B Accumulation', 'Stewart Investors Worldwide Select Fund Class B (accumulation) Gbp', 'Stewart Investors Worldwide Select Fund Class A…

pandas dataframe nlp data-cleaning rex

asked Aug 08 '21 at 23:10

msh855

1,493
1
15
36

votes

1 answer

Extract the User-Agent from HTTP request

I'm trying to get the User-Agent value from HTTP request and put in a separate field named "UserAgent" and so far not successful. Looks like I need to look up to carriage return and linefeed? Will appreciate any help. Below is the regex101…

regex rex

asked Jul 27 '21 at 17:20

Ashish Gupta

14,869
20
75
134

votes

1 answer

extract data using regex in splunk

i have data as "{\"data\":{\"correlation_id:\"51g0d88f-3ab8-4mom-betb-b31ed6e1662z\",\"u_originator_uri in _raw. i want to extract values of correlation_id as CorrelationId4

regex rex

asked Dec 21 '20 at 02:47

Dshruti

votes

3 answers

How to extract contents after the last slash in fields in splunk?

I am new to splunk..SO i have a log which has contents(events) in this format tool_code: error_code (path1/path2/path3/filename1,line) path1.path2.path3.testname1 I wrote rex to extract filenames and testnames rex is |rex field=_raw…

splunk rex

asked Jun 09 '20 at 11:13

Priya Ramakrishnan

votes

1 answer

Remove characters from Message field in splunk

I am searching for specific event codes in splunk, such that the first part of the message field starts with "A member was added to a security-enabled global group". After that, it has a whole lot more information which, for my purposes, I do not…

regex eval splunk rex

asked Jan 30 '20 at 20:47

ThisGuyUsesPowershell

votes

2 answers

Splunk compare two rex queries from different source

splunk splunk-query rex

asked Jan 18 '20 at 12:52

Jongz Puangput

5,527
10
58
96

votes

1 answer

Splunk rex query to filter message

I have a splunk log in the below format: {"Apple": {"message":"abcdefgh.ijkl","code":"200"} } I want to filter the message "abcdefgh.ijkl" and code separately.

splunk rex

asked Mar 20 '19 at 14:19

Sateesh M

votes

1 answer

Search for unique IP's in splunk

I've the splunk data something like: {"@timestamp":"2019-02-26T05:12:30.090+00:00","@version":"1","message":"\n================>\nRequest Details:\n[requestId:abc118f2-qqff-10bb-a900-33cc9b88e333]\n[requestMethod = GET]\n[requestUrl =…

splunk-query rex

asked Feb 26 '19 at 07:11

Chang

votes

1 answer

Splunk rex command with curly brackets, round brackets, period and quotation marks

I'm having issues with the rex command on splunk. My Query outputs the below. {"(001) NULL.COUNT(1).NUMBER": "12345"} I am looking to extract just the value 12345, but at the moment, I have below rex command which returns "{"(001)…

command splunk rex

asked May 23 '18 at 05:32

36thchamberZA

votes

1 answer

Regex start and end with same string, not just same character

I want to create a regular expression to receive:

something 1

something 2

// or more html tag here something

something's here, not in any tag! from:

…

javascript regex rex

asked Jan 15 '18 at 11:20

Thengocphan

votes

1 answer

Splunk - extract a field with dot/period

It seems that there is no way to extract fields with a . in the name. I'm trying to use field extractors on our older data to create fields matching the newer data JSON fields. { "pirate": { "say ": "Shiver me timbers" } } pirate.say = "Shiver me…

regex splunk rex

asked Sep 21 '17 at 12:54

thro

Prev 1

3 Next