Can you please help me in masking the data.
Raw Data: -> "login": "44337754-004613081080P"
I want the number to be masked as the below pattern
Example: 44337754-004613081080P
Expected result of masking
Example (masked): ****7754-*********080P
I tried with the following
| rex mode=sed "s/(\"login\"\:\s+\")(\w+)(\d\d\d)-/\1\2xxx-/g"
But not getting the expected output
I think part of the problem is the regex is looking for 3 digits followed by a hyphen and there's only one instance of that in the sample data so only one substitution.
Try a different regex that matches the entire string (assuming all events follow the same pattern):
| rex mode=sed "s/(\"login\"\:\s+\")\w{5}(\d\d\d)-\d{9}(\w+)/\1xxxxx\2-xxxxxxxxx\3/"
hi @Vignesh-107,
Try this:
| makeresults
| eval _raw="\"login\": \"44337754-004613081080P\""
| rex mode=sed "s/(\"login\"\:\s+\")\d{4}(\d{4}-)\d{9}/\1****\2*********/g"
If this reply helps you, an upvote/like would be appreciated.