pseudonymize

Version: v4.22
pseudonymize
Pseudonymizes fields according to a given method.
Deprecated
This operator will soon be removed in favor of first-class support for functions that can be used in a variety of different operators and contexts.
Synopsis
pseudonymize -m|--method=<string> -s|--seed=<seed> <extractor>...
Description
The pseudonimize operator replaces IP address using the Crypto-PAn algorithm.
Currently, pseudonimize exclusively works for fields of type ip.
-m|--method=<string>
The algorithm for pseudonimization
-s|--seed=<seed>
A 64-byte seed that describes a hexadecimal value. When the seed is shorter than 64 bytes, the operator will append zeros to match the size; when it is longer, it will truncate the seed.
<extractor>...
The list of extractors describing fields to pseudonomize. If an extractor matches types other than IP addresses, the operator will ignore them.
Example
Pseudonymize all values of the fields src_ip and dest_ip using the crypto-pan algorithm and deadbeef seed:
pseudonymize --method="crypto-pan" --seed="deadbeef" src_ip, dest_ip
Edit this page

Synopsis

Description

`-m|--method=<string>`

`-s|--seed=<seed>`

`<extractor>...`

Example

pseudonymize

Synopsis​

Description​

-m|--method=<string>​

-s|--seed=<seed>​

<extractor>...​

Example​