Example Log:
CEF:0|WAF|SIEMintegration|1|1|Normal|0| fileId=989000730114151753 sourceServiceName=website.com postbody=first_name\=XXXXXX&last_name\=XXXX&shipping_first_name\=ABCDE&shipping_last_name\=EFGHI&record_number\=123412345
I am having trouble getting my regex in transforms.conf to mask:
1. shipping_first_name
2. shipping_last_name
3. record_number
transforms.conf
[record-anonymizer]
REGEX = (?m)^(.*)record_number..\d{2,}$
FORMAT = $1rn=##
DEST_KEY = _raw
[first-name-anonymizer]
REGEX = (?m)^(.*)shipping_first_name..(\w{2,})&$
FORMAT = $1fn=##$
DEST_KEY = _raw
[last-name-anonymizer]
REGEX = (?m)^(.*)shipping_last_name..(\w{2,})&$
FORMAT = $1ln=##$
DEST_KEY = _raw
props.conf
[Test]
TRANSFORMS-anonymize = record-anonymizer, first-name-anonymizer, last-name-anonymizer
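The following is an added example, not part of the original post: it runs the three posted REGEX values against the sample event using Python's `re` as a stand-in for Splunk's PCRE, then applies assumed alternative patterns that capture the text on both sides of each value. The `MASKS` patterns, the function names and the choice to stop a value at the next `&` are assumptions; the `fn`/`ln`/`rn` labels follow the post's FORMAT lines.

```python
import re

# Sample event copied from the post (its values are already placeholders).
EVENT = (
    r"CEF:0|WAF|SIEMintegration|1|1|Normal|0| fileId=989000730114151753 "
    r"sourceServiceName=website.com postbody=first_name\=XXXXXX&last_name\=XXXX"
    r"&shipping_first_name\=ABCDE&shipping_last_name\=EFGHI&record_number\=123412345"
)

# REGEX values exactly as posted in transforms.conf.
POSTED = {
    "record-anonymizer": r"(?m)^(.*)record_number..\d{2,}$",
    "first-name-anonymizer": r"(?m)^(.*)shipping_first_name..(\w{2,})&$",
    "last-name-anonymizer": r"(?m)^(.*)shipping_last_name..(\w{2,})&$",
}

# Assumed alternatives (not from the post). Each pattern keeps the text
# before and after the value in groups 1 and 2, so the field can sit anywhere
# in postbody. A value runs up to the next '&' or whitespace; the backslash
# before '=' is optional. In transforms.conf the FORMAT counterpart of the
# replacement below would be written as $1fn=##$2.
MASKS = [
    (r"(?m)^(.*)shipping_first_name\\?=[^&\s]*(.*)$", r"\g<1>fn=##\g<2>"),
    (r"(?m)^(.*)shipping_last_name\\?=[^&\s]*(.*)$", r"\g<1>ln=##\g<2>"),
    (r"(?m)^(.*)record_number\\?=\d+(.*)$", r"\g<1>rn=##\g<2>"),
]


def posted_matches(event):
    """Report which of the posted patterns match the event at all."""
    return {name: re.search(rx, event) is not None for name, rx in POSTED.items()}


def mask(event):
    """Apply the masks in order, as a TRANSFORMS- list rewrites _raw in sequence."""
    for rx, repl in MASKS:
        event = re.sub(rx, repl, event)
    return event


if __name__ == "__main__":
    print(posted_matches(EVENT))
    print(mask(EVENT))
```

On this event only the record_number pattern matches as posted, because it is the last field on the line; the two name patterns require `&` to be immediately followed by end of line, which is not the case here.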