Nathan Beltran
- Total activity 152
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 1
- Subscriptions 96
Activity overview
Latest activity by Nathan Beltran-
Nathan Beltran commented,
Try this regex. Ive included a noncapture group to match the email fields. (?i:primaryemail|emailaddress)\" : \"(.*)\"
-
Nathan Beltran commented,
Official comment Expressions that you want masked must be expressed as a capture group in the regex. Capture groups are identified with enclosed parentheses (). Here try this regular expression. primaryEmail\" : \"...
-
Nathan Beltran commented,
Official comment Hi Swapnil, I see that you have opened a ticket with support for this. As mentioned in the ticket the parse statement is not an available condition with the "if" operator.One option you might want ...
-
Nathan Beltran commented,
Nishanthi, You can use concat to combine multiple fields into one field https://help.sumologic.com/05Search/Search-Query-Language/Search-Operators/concat
-
Nathan Beltran created an article,
Do you have a parse regex for both IPv6 and IPv4?
Below is the parse regex statement that will extract both IPv6 and IPv4 from your logs. | parse regex "(?<ip>(?:[0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})"
-
Nathan Beltran created an article,
Is there a way to change the order in which the columns are displayed?
You can use the fields operator. For example, if you fields are dispayed as B , C , A, D, E. In your query you can add "| fields A, B, C, D, E".
-
Nathan Beltran created an article,
How log does it take until I can perform a search query against the uploaded data?
Within 1 to 3 minutes. Note a standard search is performed against the timestamps parsed, so you may want to select the "Use Receipt Time" option to validate.
-
Nathan Beltran created an article,
Is it possible to display numbers without the thousand separator?
Question: Is it possible to display numbers without the thousand separators? I need serial numbers to be numbers so they sort in the expected way (900 before 1000), but they then display with comma...
-
Nathan Beltran created an article,
Are POSIX bracket expressions supported in parse regex?
When I use the [[xdigit]] character class in a parse regex statement, the logs are inconsistently parsed some lines are parsed and some are not, even though the logline content is essentially the s...
-
Nathan Beltran created an article,
Does Sumo Logic collectors compress data before it is transmitted to the Sumo Logic cloud?
Yes, the collector does compress the logs. The installed collectors use the resources from the installed machine are used to compress, zip, encrypt the files/log messages and send it to the Sumo Cl...