Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
The idea is I will have the below as a paragraph in the column "Description". Can somebody help me to do a script which will result me the computer name alone. Example: the result of the script has to be ABCD1238.eu.corp
From: ch.alerts@abcd.com
Sent: Thursday, March 05, 2015 6:01 PM
To: Security.IncidentResponseTeam
Subject: Forefront Endpoint Protection Alert: Malware Detection
Forefront Endpoint Protection has detected malware on a computer in your organization.
Detection time (UTC): 3/5/2015 11:54:32 AM
Computer name: ABCD1238.eu.corp
Malware name: BrowserModifier:Win32/KipodToolsCby
subfield(textbetween(Description, 'Computer name: ' , 'Malware name:'),'_x000D_',1)
Try textbetween(Description, 'Computer name: ' , 'Malware name:')
Try subfield(Description,'Computer name:',2)
Hi Gysbert, I have tried Text Between. and I am I getting the below. Why I am getting _x000D_ and how should I remove this?
Computer Name |
aoewallace2-sz.ap.corp_x000D_ |
BCNWS027.eu.corp_x000D_ |
BEER646.eu.corp_x000D_ |
CC4GKKVY1.ap.corp_x000D_ |
CCFSHYS2X.ap.corp_x000D_ |
cchen-wgq.ap.corp_x000D_ |
cmlu-wgq.ap.corp_x000D_ |
CRPWS027.na.corp_x000D_ |
CRPWS052.na.corp_x000D_ |
DEAC1190.eu.corp_x000D_ |
DEAC1238.eu.corp_x000D_ |
subfield(textbetween(Description, 'Computer name: ' , 'Malware name:'),'_x000D_',1)
Thanks Simen. Extraordinary it worked...
If you are getting it, it means it is somewhere in the data. You can remove it at once with Simen's formula, although you could shorten the formula a bit :
subfield(textbetween(Description, 'Computer name: ' , 'Malware name:'),'_',1)
Thanks everyone. Now I have got the Computer Name.. But I am not able to do this to get Malware name:
Any suggestions please?
Subfield(Description,'Malware name:',2)
Hi Simen it worked but I am again getting _x000D_ at the end