Hello, Hope this message to be displayed correctly :]
You can try : categoryname="[a-zA-Z \/]+" or (?m)categoryname="([a-zA-Z \/]+)" regards Le jeudi 7 janvier 2016 14:59:45 UTC+1, [email protected] a écrit : > > Hello! > > We are new at Graylog and would like to discover several functionality of > it, for that reason we had to extract specific fields in our logs. > > > This is an example of our log: > > <30>2016:01:07-10:26:09 sophos_utm_9 httpproxy[5403]: id="0001" > severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" > method="GET" srcip="10.10.70.48" dstip="92.123.194.105" user="" > ad_domain="" statuscode="304" cached="0" profile="REF_DefaultHTTPProfile > (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction > (Default content filter action)" size="0" request="0xd4df9800" url=" > http://wetter.bild.de/img/icons/svg/Schneefall.svg"; referer=" > http://wetter.bild.de/web2014/wetterwidget.html?ifw=110&ifh=61&ifs=no&ct=bild.de"; > > error="" authtime="0" dnstime="73332" cattime="630" avscantime="0" > fullreqtime="107258" device="0" auth="0" ua="Mozilla/5.0 (X11; Ubuntu; > Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0" exceptions="" > category="108" reputation="neutral" *categoryname=**"Public Information"* > country="Europe" application="bildde" app-id="625" > > Our goal is to extract the value of the field "categoryname", this field > could be at severas positions and can contain several values like > "Internet Services" > "Software/Hardware" > "Online Shopping" > > and so on... > > We are not very familiar with regex commands and try to extract this field > with commands like: ^*categoryname=".*" without success. > > Could somebody help and explain us how this works with the right command? > > Thanks in advance, > > Greetings > Toni > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/1b6f5fee-1779-43a6-a82d-500d89a00551%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
![http://wetter.bild.de/img/icons/svg/Schneefall.svg"](http://wetter.bild.de/img/icons/svg/Schneefall.svg"){kind=link}