Solved: Re: Regex to insert ":" after every second charact...

coenvandijk · ‎08-12-2017

Hello

I have a string of all uppercase letters (no digits) I need a regex to insert a ":" after every second character FAGHIJGN becomes FA:GH:IJ:GN How can I do this with a regex?

Thanks in advance,
Coen

jkat54 · ‎08-12-2017

If with search:

| rex mode=sed "s/(\w{2})(?=\w{1,2})/\1:/g"

If with props:

 SEDCMD-aaa = s/(\w{2})(?=\w{1,2})/\1:/g

These work too:

| rex mode=sed "s/(\w{2})(?=\w+)/\1:/g"

SEDCMD-aaa = s/(\w{2})(?=\w+)/\1:/g

View solution in original post

woodcock · ‎08-12-2017

Like this:

... | rex field=YourFieldNameHere mode=sed "s/(.{2})/\1:/g s/:$//"

DalJeanis · ‎08-13-2017

@woodcock - Holy crud, sed mode allows multiple replacements in a single call?

That would simplify the ... presentation, lets say... of my more complicated uses of the format command.

I have a NEW TOY!

See why I keep you guys around?

woodcock · ‎08-13-2017

Ask anybody, I am full of IT.

jkat54 · ‎08-12-2017

If with search:

| rex mode=sed "s/(\w{2})(?=\w{1,2})/\1:/g"

If with props:

 SEDCMD-aaa = s/(\w{2})(?=\w{1,2})/\1:/g

These work too:

| rex mode=sed "s/(\w{2})(?=\w+)/\1:/g"

SEDCMD-aaa = s/(\w{2})(?=\w+)/\1:/g

DalJeanis · ‎08-13-2017

@jkat54 - As coded, wouldn't that be limited to even numbers of pairs? I think you want that second \w{2} to be a positive lookahead, and only add the colon after \1.

  | rex mode=sed "s/(\w{2})(?=\w{2})/\1:/g"

jkat54 · ‎08-13-2017

Worked on regex101.com with even or odd numbers of letters.

jkat54 · ‎08-13-2017

Ah I was able to break it... and fix it

Your approach is better but doesn't work with 5,7,etc

This does:

(\w{2})(?=\w{1,2})

Updating my answer

DalJeanis · ‎08-13-2017

@jkat54 - good point, but you can kill the {1,2} as redundant, since it's a zero length assertion so {1} is enough.

Regex to insert ":" after every second character

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!