It took me a while to get the hang of using RegEx inside Splunk. While I'm no Splunk trust member, I do feel like I've got enough to share and maybe help some people who are still on the steep part of the learning curve. My use case is with Utility SCADA data but it should apply anywhere there are complex strings needing to be matched. I plan for the session to be mostly demos. We'll go through some of the problems I had to solve and show you how I go from the data that needs a field extracted or even just an inline RegEx, to the solution. Tell your friends!