Hi,
I need to accept 2 user inputs ( 1. Store and 2. "*Exception") in a form and then populate the exact Exception name in a table with the count of this particular type of Exception.
I have written a query using regex like this-
<searchtemplate><![CDATA[ index= sourcetype= host=$Store$ $Exception$ | rex field=_raw ".(?<exceptiontype>w+Exception)" | table host, Exception]]></searchtemplate>
The problem with this is that it populates all kind of "Exception" instead of the exact Exception name that user passed. For eg, if user desires to search "NullPointerException", it is still searching all exceptions.
Is there a way that my Regex expression also excepts the exact value that user has passed to the form?
