Hi stevenbutterworth,
you can move in two ways depending by the number of values you have, in other words, you have anyway to extract the WellNumber using rex command
| rex field=your_field "_(?<WellNumber>\d+)"
then if you have few different values, you can use eval command
| eval New_field=case(WellNumber="15","H315",WellNumber="3","H305",WellNumber="19","H319")
if instead you have many different values, you can build a lookup containing the correlation values:
WellNumber,New_field
15,H315
3,H305
19,H319
and use lookup command
| lookup my_lookup.csv WellNumber OUTPUT New_field
Bye.
Giuseppe
