regex logstash-grok

Regex extract word from string


I want to filter the following word APPLE from this string:

"[BANANA => APPLE]"

I tried to do that with the RegEx (?<=\> ).+?(?=]) but that doesn't solve my problem.

EDIT: I am trying this in Grok Debugger. %{TO:client}.

TO (?<=\> ).+?(?=])

but it displays no matches to me.


Solution

  • Grok uses an Oniguruma regex engine, and fields are usually created with the help of named groups:

    you can use the Oniguruma syntax for named capture which will let you match a piece of text and save it as a field

    You should use a named capturing group with a pattern like

    =>\s*(?<client>[^\]]+)
    

    It will match =>, 0+ whitespace characters, and then capture into group "client" (the client field will then get created) one or more chars other than ].
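
The named-capture pattern from the answer, exercised in Ruby (whose regex engine is an Oniguruma derivative) as an added example that is not part of the original answer. The helper `extract_fields`, the sample lines, and the use of the `_grokparsefailure` tag to mark non-matching lines are assumptions made for illustration.

```ruby
# Added illustration, not code from the original answer.
# The answer's pattern: "=>", optional whitespace, then a named group
# "client" holding one or more characters other than "]".
CLIENT_PATTERN = /=>\s*(?<client>[^\]]+)/

# Hypothetical helper: mimics how a grok match turns named groups into
# event fields. A non-matching line is tagged the way Logstash tags a
# failed grok match, so it can be routed for review instead of dropped.
def extract_fields(message, pattern = CLIENT_PATTERN)
  m = pattern.match(message)
  return { "tags" => ["_grokparsefailure"] } if m.nil?
  m.named_captures
end

# Constructed sample lines (not real log data).
SAMPLES = [
  "[BANANA => APPLE]",         # the string from the question
  "[BANANA =>APPLE]",          # no whitespace after "=>"
  "[BANANA =>    APPLE PIE]",  # extra whitespace, value containing a space
  "[BANANA -> APPLE]",         # wrong separator: no match
  "[BANANA =>]",               # empty value: no match
  "[BANANA => ]"               # \s* backtracks, so the field is a lone space
].freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each do |line|
    puts "#{line.inspect} -> #{extract_fields(line).inspect}"
  end
end
```

The last sample shows a caveat: because `\s*` can give back the whitespace it consumed, a value that is only whitespace still matches and produces a whitespace-only `client` field.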