Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

strip portion of an email

brownt61
Explorer
‎03-20-2020 07:57 AM

I am needing to strip a portion out of email's. I have a list of email addresses where some of them contain -priv before the @ that I need stripped out leaving what would be the "normal" email address.

example address
example-priv@email.com

I want to be left with example@email.com

can someone help me with the rex for this?

thank you

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎03-20-2020 08:55 AM

Try | rex field=email mode=sed "s/-priv//"

---
If this reply helps you, Karma would be appreciated.

View solution in original post

Reply
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎03-20-2020 08:55 AM

Try | rex field=email mode=sed "s/-priv//"

---
If this reply helps you, Karma would be appreciated.
Reply
Solved! Jump to solution

brownt61
Explorer
‎03-20-2020 09:03 AM

Thank you, this worked

0 Karma
Reply
Solved! Jump to solution

woodcock
Esteemed Legend
‎03-20-2020 08:54 AM

Like this:

| makeresults 
| eval email="example-priv@email.com" 
| rex field=email mode=sed "s/-[^@]+@/@/g"
0 Karma
Reply
Solved! Jump to solution

brownt61
Explorer
‎03-20-2020 08:59 AM

Thank you, I should add that I have since noticed that there are email addresses that have an appropriate need to have - in them.

example
surname.givenname-middlename-priv@email.com

so I really need to only strip emails that have -priv in them, not any email that contains a - from the - to @

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...