Ad Widget

**gert.derouck** · 08-07-2020, 00:38

Yes, you can use regsub in the trigger name.

**cesarsj** · 14-07-2020, 23:38

Originally posted by gert.derouck

Yes, you can use regsub in the trigger name.

I put the name like this:

The user {{ITEM.VALUE}.regsub(^(?:[^|]*\|){4}([^|]*), \1)} did " {{ITEM.VALUE}.regsub(^(?:[^|]*\|){6}([^|]*), \1)}" the {{ITEM.VALUE}.regsub(^(?:[^|]*\|){7}([^|]*), \1)} service from the host with IP {{ITEM.VALUE}.regsub(^(?:[^|]*\|){3}([^|]*), \1)}

And the output was:

The user {timestamp | date | machine | IPdest | username | IPfrom | action | service | protocol | ports | duration
.regsub(^(?:[^|]*\|){4}([^|]*), /1)}
did " {timestamp | date | machine | IPdest | username | IPfrom | action | service | protocol | ports | duration
.regsub(^(?:[^|]*\|){6}([^|]*), /1)}"
the {timestamp | date | machine | IPdest | username | IPfrom | action | service | protocol | ports | duration
.regsub(^(?:[^|]*\|){7}([^|]*), /1)}
service from the host with IP {timestamp | date | machine | IPdest | username | IPfrom | action | service | protocol | ports | duration
.regsub(^(?:[^|]*\|){3}([^|]*), /1)}

That is, it did not work.

**gert.derouck** · 15-07-2020, 11:36

Try using double quotes... Twice:
{{ITEM.VALUE}.regsub("^(?:[^|]*\|){4}([^|]*)", "\1")}

**cesarsj** · 15-07-2020, 22:57

Originally posted by gert.derouck

Try using double quotes... Twice:
{{ITEM.VALUE}.regsub("^(?:[^|]*\|){4}([^|]*)", "\1")}

So it worked! Thank you!

Ad Widget

Can you use macro functions in trigger name?

Can you use macro functions in trigger name?

Comment

Comment

Comment

Comment