Would it be difficult to create a rex search for an email scheme starting with alpha characters (no set amount of characters) and ending in 3 or more numbers before the "@" symbol of an email address?
If anyone knows how and can explain, that would be greatly appreciated!
Does this help ?
| makeresults
| eval email="recipient1234@gmail.com"
| rex field=email "(?<username>[A-Za-z]+\d{3,})\@(?<domain>\S+)"
| table email username domain
[A-Za-z]+\d{3,} -> will find a string with upper case or lower case characters followed by three or more numbers and will extract it to the field username
\S+ -> Captures anything but a white space after the @ and extracts it to the dield domain