Calculates a secure hash of a field and uses that to match events as a filter. See hashRewrite() on how get hashes into events. Bits must be set to the value applied when the hash was stored in the event.

Function Traits: Filter, WithInputField

bitsintegeroptional256 Hash algorithm output bits to keep. Must be a multiple of 8.
fieldstringoptional  The name of the field to look for an exact match against. If not set then @rawstring is searched for a matching substring.
hashstringoptionalsha256 Hash algorithm to use for the match
  Valid Valuessha256
input[a]stringrequired  A constant value to hash and then apply as the search term.
saltstringoptional  The name of the secret salt to use.

[a] The argument name input can be omitted.

The parameter name for input can be omitted; the following forms are equivalent:




hashMatch() Examples

Filter events to only match those that have the value in the ssn field equal to the hash of 12345678

ssn =~ hashMatch("12345678", salt="salt1")

Filter events to only match those that have the value of the hash of 12345678 somewhere in @rawstring

hashMatch("12345678", salt="salt1")