Databases Reference
In-Depth Information
This menu launches the
Extract fields
view:
In this view, you simply provide example values, and Splunk will attempt to build a
regular expression that matches. In this case, we specify
ERROR
,
WARN
, and
INFO
.
Under
Sample extractions
, we see that the values
DEBUG
,
WARN
,
INFO
, and
ERROR
were matched. Notice that there are more values than we listed—the pattern
is looking for placement, not our sample values.
Under
Sample events
, we get a preview of what data was matched, in context.
Search WWH ::
Custom Search