Hello everyone,
I'm using the SPL to get credit card numbers on search time (I would like to maintain this on search time) :
| rex field=_raw "(?<firstStep_CC>(?:\d[ -]*?){13,30})"
| eval secondStep_CC=replace(firstStep_CC, "\-|\s|\.", "")
| rex field=secondStep_CC "(?<creditcard>^4[0-9]{12}(?:[0-9]{3})?)|(^5[1-5][0-9]{14})|(^6(?:011|5[0-9][0-9])[0-9]{12})|(^3[47][0-9]{13})|(^3(?:0[0-5]|[68][0-9])[0-9]{11})|((?:2131|1800|35\d{3})\d{11})"
With this SPL I get possible credit card numbers, but invalid numbers as well. Do you need a way to get only valid numbers?
I thought to split each digit from creditcard and do a mod10 verification, but I don't know if it's efficient. I read a lot of posts like these:
https://community.splunk.com/t5/All-Apps-and-Add-ons/TA-luhn-How-to-use-the-luhn-command-and-how-to-...
https://wiki.splunk.com/Community:Credit_card_masking_regex
Tks!
What constitutes a valid CC number? If you need to verify the check digits then you'll probably need a custom command.
What constitutes a valid CC number? If you need to verify the check digits then you'll probably need a custom command.
I need to validate if the credit card number is valid on search time, but for what I've found, is necessary to use the Luhn algorithm (modulus10) to do this. So I think, that it won't be possible to do just using SPL.