Linux Cron Job Information

This Splunk query example uses regex (regular expressions) to extract information on Linux cron jobs.

*Note*: this query has not been extensively tested.

sourcetype="cron" | eval Date=strftime(_time, "%Y/%m/%d") | rex ".*:\d{2}\s(?<hostname>\S+)" | rex "]:\sfinished(?<Info>.*)"  | stats count by Date, hostname, Info
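
An added example, not part of the original page: a Python replay of the query's two rex extractions and its `stats count by` over constructed cron log lines, to show which events survive and what each field holds. The sample lines (RHEL-style /var/log/cron layout), the assumed year and the function names are assumptions; named groups use Python's `(?P<name>...)` spelling.

```python
import re
from collections import Counter
from datetime import datetime

# The page's two rex patterns; Python's re spells named groups (?P<name>...).
HOST_RE = re.compile(r".*:\d{2}\s(?P<hostname>\S+)")
INFO_RE = re.compile(r"]:\sfinished(?P<Info>.*)")

# Constructed sample events (assumed RHEL-style /var/log/cron layout).
SAMPLE = [
    "Jan 12 01:01:01 web01 run-parts(/etc/cron.hourly)[1201]: starting 0anacron",
    "Jan 12 01:01:01 web01 run-parts(/etc/cron.hourly)[1210]: finished 0anacron",
    "Jan 12 02:01:01 web01 run-parts(/etc/cron.hourly)[1544]: finished 0anacron",
    "Jan 12 03:10:01 web01 CROND[2301]: (root) CMD (run-parts /etc/cron.daily)",
    "Jan 12 03:10:04 web01 run-parts(/etc/cron.daily)[2345]: finished logrotate",
    "Jan 13 03:10:03 db02 run-parts(/etc/cron.daily)[1177]: finished logrotate",
]

def extract(line, year=2024):
    """Return (Date, hostname, Info); a field is None when its rex did not match."""
    # Syslog timestamps carry no year, so one is assumed (Splunk supplies _time).
    stamp = datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")
    host = HOST_RE.search(line)
    info = INFO_RE.search(line)
    return (stamp.strftime("%Y/%m/%d"),
            host.group("hostname") if host else None,
            info.group("Info") if info else None)

def stats_count(lines, year=2024):
    """Mimic `stats count by Date, hostname, Info`: rows missing a by-field drop out."""
    rows = (extract(line, year) for line in lines)
    return Counter(row for row in rows if None not in row)

if __name__ == "__main__":
    for (date, host, info), count in sorted(stats_count(SAMPLE).items()):
        print(f"{date}  {host:<6} {info!r:<14} count={count}")
```

Only the "finished" lines reach the result, and Info keeps the leading space that follows "finished" because the capture group starts immediately after that word.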