Hello, Hope this message to be displayed correctly :]
You can try : categoryname="[a-zA-Z \/]+" or (?m)categoryname="([a-zA-Z \/]+)" regards Le jeudi 7 janvier 2016 14:59:45 UTC+1, toni.fro...@scaltel.de a écrit : > > Hello! > > We are new at Graylog and would like to discover several functionality of > it, for that reason we had to extract specific fields in our logs. > > > This is an example of our log: > > <30>2016:01:07-10:26:09 sophos_utm_9 httpproxy[5403]: id="0001" > severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" > method="GET" srcip="10.10.70.48" dstip="92.123.194.105" user="" > ad_domain="" statuscode="304" cached="0" profile="REF_DefaultHTTPProfile > (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction > (Default content filter action)" size="0" request="0xd4df9800" url=" > http://wetter.bild.de/img/icons/svg/Schneefall.svg"; referer=" > http://wetter.bild.de/web2014/wetterwidget.html?ifw=110&ifh=61&ifs=no&ct=bild.de"; > > error="" authtime="0" dnstime="73332" cattime="630" avscantime="0" > fullreqtime="107258" device="0" auth="0" ua="Mozilla/5.0 (X11; Ubuntu; > Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0" exceptions="" > category="108" reputation="neutral" *categoryname=**"Public Information"* > country="Europe" application="bildde" app-id="625" > > Our goal is to extract the value of the field "categoryname", this field > could be at severas positions and can contain several values like > "Internet Services" > "Software/Hardware" > "Online Shopping" > > and so on... > > We are not very familiar with regex commands and try to extract this field > with commands like: ^*categoryname=".*" without success. > > Could somebody help and explain us how this works with the right command? > > Thanks in advance, > > Greetings > Toni > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/1b6f5fee-1779-43a6-a82d-500d89a00551%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
![http://wetter.bild.de/img/icons/svg/Schneefall.svg"](http://wetter.bild.de/img/icons/svg/Schneefall.svg"){kind=link}