Regex noob here. I am searching through Windows Security Event Logs trying to extract values. I have found that the regex syntax I am using only returns values when the target text does not contain a space. How do I configure the regex syntax to grab all characters/words regardless if there is a space?
| parse regex "Target Account Name:\s+(?<Group\_Name>\S+)+\r\n\r\n." nodrop
Target Account Name: Windows Vision-Group (the resulting "group_name" field is blank when the search is run)
Target Account Name: Windows-Vision-Group (the resulting "group_name" field contains "Windows-Vision-Group")
Please sign in to leave a comment.