oh man you are the man. it worked really well. 

if you dont mind me bugging you some more.

based on the value returned on line count. 

ie: if less than 5 lines i can have myfield=PASS

but if its more than 10 lines, i want it to list all the values in each row:

1

2

3

4

5

6

6

7

8

9

10

11

12

I don't quite understand. What line count? How many values you get in this field? (that were originally pipe-separated)

You can use eval with if or case and mvcount. But you only specified what to do with 5- values and 10+. What about if you have between 5 and 10 values?

hi sorry.

so from the initial

| rex max_match=0 "(?<myfield>[^|]+)"

based on the output of `myfield` when i do a stats count its equal to 12 

so now my goal is, if  `myfield is less than 5`i want myfield to equal the word PASS

but  if myfield is more than 5 (during stats count for exmaple of mvcount), i want it to list the values of myfield (which is 1 2 3 4 5 6 7 8 9 10 11 12)

i hope this makes sense.   

OK. So now you have conditionally rewrite the field.

| eval myfield=if(mvcount(myfield)<5,"PASS",myfield)

I'm not sure though that I'd want to overwrite the initial values. I'd rather add another field. But hey, it's your data 😉