This operation counts the number of times a provided string (character, word, or phrase) appears in the given input data.
Data types
These are the input/output expected data types for this operation:
Input data
- Data you want to analyze.
Output data
- Count of the specified character, word, or pattern you searched for.
Parameters
These are the parameters you need to configure to use this operation (mandatory parameters are marked with a *):
Search*
Enter the specific character, word, or pattern you want to count.
Search Type*
Select the type of search you want to perform. The available options are:
Regex - Choose this option if you want to use regular expressions.
Extended - Choose this option for extended regular expressions. An extended regular expression specifies a set of strings to be matched. The expression contains both text characters and operator characters.
Simple - Choose this option if you want to perform a simple string matching. Note that this search type is not case-sensitive (A is different from a).
Examples
Simple search example
Suppose you want to check the number of occurrences of the term test in a series of events:
In the Operation field, choose Count occurrences.
Set Search to test.
Set Search Type to simple.
Give your Output field a name and click Save. The count will be displayed in the output field.
In this example, given the following string:
Accepted password for test domain
The result count will be 1.
RegEx search example
Suppose you want to count words that start with the letter "c" (either small or capital) in your input data:
In the Operation field, choose Count occurrences.
Set Search to \b[Cc]\w*.
Set Search Type to regex.
Give your Output field a name and click Save. The count will be displayed in the output field.
In this example, given the following string:
Core temperature above threshold, CPU clock throttled
The result count will be 3.
RegEx explanation:
\b matches a word boundary, ensuring the match starts at the beginning of a word.
C matches the letter "c."
\w* matches any number of alphanumeric characters after "C," effectively capturing entire words.
Extended RegEx search example
Suppose you want to get the occurrences of the word "error" but not if it’s followed by "404". To do it:
In the Operation field, choose Count occurrences.
Set Search to error(?!\s404).
Set Search Type to extended.
Give your Output field a name and click Save. The count will be displayed in the output field.
In this example, given the following strings:
error404 - 404 is an error that tells a web is not available.
The result count will be 2.
RegEx explanation:
error matches the word "error."
(?!\s404) is a negative lookahead that ensures "error" is not followed by " 404".
You can try out operations with specific values using the Input field above the operation. You can enter the value in the example above and check the result in the Output field.
In your Pipeline, open the required configuration and select the input Field.
In your Pipeline, open the required configuration and select the input Field.
In your Pipeline, open the required configuration and select the input Field.
