Solved: Can you help me build a regex that isolates and re...

newill · ‎11-19-2018

Hello,

I need some help with removing a specific character from a field. I have a field we'll call A. In it is typically a 7 character string with both numbers and letters. Occasionally, an 8 character value appears and I need to remove the extra character. Here is the format

Typical= A1AAA11  
Atypical = A1AAAB11

I need to isolate the B and remove it. Sometimes the letter represented by B could also be in one of the A spots. So I can't just remove all instances of B or I"d lose legit characters. I need to isolate the 6th spot and if there are 8 total characters, remove it.

How can this be done? I am no good at regex :(.

Thanks for any help.

somesoni2 · ‎11-19-2018

Give this a try

your current search which includes field A
| eval A=if(len(A)=8,substr(A,1,5).substr(A,6,2),A)

View solution in original post

newill · ‎11-19-2018

Thank you, that got me where I needed to be, though I had to adjust it one spot as such:

your current search which includes field A
| eval A=if(len(A)=8,substr(A,1,5).substr(A,7,2),A)

somesoni2 · ‎11-19-2018

Give this a try

your current search which includes field A
| eval A=if(len(A)=8,substr(A,1,5).substr(A,6,2),A)

Can you help me build a regex that isolates and removes a single character in a field?

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

.conf24 | Personalize your .conf experience with Learning Paths!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...