Good morning,
I have a log file, that I am told by security the email addresses need to be hashed. Any idea how I do this?
Hi daniel333,
as @Damien Dallimore said there isn't any way to do yhis in Splunk.
For one our customer, by suggest of Splunk Professional services, we encrypted a field in a log pre-processing it with an external PHP script that was using a certificate to have a reversible encrypting.
In this way we're able to decrypt the field and know the real value of this field (an account name in proxy navigating).
The procedure is that:
Bye.
Giuseppe
If you want to hash a field or encrypt a field or encrypt a hash of a field (it's not clear from your post title and body) , then you can't do this natively with Splunk.You'll need an App/Add-On/Custom code etc... to perform some sort of pre-processing for you.
Depending on how you are indexing your data , you can get some ideas from this blog post : www.baboonbones.com/blog/get-binary-data-splunk/ , in particular the "Data Obfuscation in Splunk Enterprise"
link.