Regular Expressions 101

Community Patterns

Cisco APIC extractions

0

Regular Expression
PCRE2 (PHP >=7.3)

/
(?<timestamp>^.*?)\s(?<apic_host>.*?)\s%LOG_LOCAL(?<apic_facility_level>\d)-(?<apic_severity>\d)-SYSTEM_MSG\s\[(?<apic_code>.*?)\]\[(?<apic_lifecycle_state>.*?)\]\[(?<apic_rule>.*?)\]\[(?<apic_severity_text>.*?)\]\[(?<apic_DN_of_affected_MO>.*?)\]\s(?<apic_message>.*)$
/
gm

Description

Cisco APIC extractions suitable for using as a field extraction in Splunk

Submitted by j.P. Pasnak,CD - a year ago