I have a couple of Custom Logs in Log-Analytics. I want to parse columns of one log using columns from another log. Using join I can get to the stage where all the data is in a single table.
Like:
| Label | Data |
| First | First=abc , Second=def , Third= ghi |
| Second | First=abc , Second=def , Third= ghi |
I want another column with the respective data mapped like:
| Label | Data | Value |
| First | First=abc , Second=def , Third= ghi | abc |
| Second | First=abc , Second=def , Third= ghi | def |
Is there a way I can parse this. I have tried using the KQL's parse function and regex. But they only work to parse fixed statements. Here the **Label** is not fixed.
Any tips?
