This splunk query example uses regex (regular expressions) to extract information on Linux cron jobs. *Note* this query has not been extensively tested sourcetype=”cron” | eval Date=strftime(_time, “%Y/%m/%d”) | rex “.*:\d{2}\s(?<hostname>\S+)” | rex “]:\sfinished(?<Info>.*)” | stats count by Date, hostname, Info
