using nxlog regex_replace

Asaf Sobol

Hello,

 

I'm trying to use this function to hide filenames for Windows event 4663 (an attempt was made to access an object):

 

<Processor replace_files>
    Exec if $raw_event =~ /Object Name.*\.[a-zA-Z0-9]+$/ {
        # Replace file name with 'xxxxx' and keep the file extension intact
        $raw_event = regex_replace($raw_event, '(Object Name.*\\)[^\\]+(\.[a-zA-Z0-9]+)', '\1xxxxx\2');
</Processor>

The NXLog logs keep telling me I'm missing a module. Is this function locked to the Enterprise version? Is there another way around it?

 

Thanks in advance.
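
Added example, not part of the original post and not NXLog configuration: the posted pattern ported to Python's `re` module so the redaction logic can be checked separately from the module error, next to a line-anchored variant that goes beyond the posted case by also masking names without an extension. The shortened 4663 message text and the helper names (`event`, `redact_posted`, `redact_leaf`, `object_name`) are constructed for this example.

```python
import re

# Pattern from the post, ported to Python `re` so it can be tested outside NXLog.
POSTED = re.compile(r'(Object Name.*\\)[^\\]+(\.[a-zA-Z0-9]+)')
# Line-anchored alternative (an assumption of this example, not NXLog syntax).
OBJECT_LINE = re.compile(r'^([ \t]*Object Name:[ \t]*)([^\r\n]*)', re.MULTILINE)
EXT = re.compile(r'\.[A-Za-z0-9]+$')

def event(path):
    """Build a constructed, shortened 4663 message body around `path`."""
    return ("An attempt was made to access an object.\r\n"
            "Object:\r\n\tObject Type:\tFile\r\n"
            f"\tObject Name:\t{path}\r\n\tHandle ID:\t0x1a4\r\n"
            "Process Information:\r\n\tProcess Name:\tC:\\Windows\\explorer.exe\r\n")

def redact_posted(text, mask="xxxxx"):
    """Posted pattern: only fires where a dot follows some backslash in the path."""
    return POSTED.sub(lambda m: m.group(1) + mask + m.group(2), text)

def redact_leaf(text, mask="xxxxx"):
    """Mask only the last path component of Object Name, with or without extension."""
    def fix(m):
        directory, sep, leaf = m.group(2).rpartition("\\")
        ext = EXT.search(leaf)
        return m.group(1) + directory + sep + mask + (ext.group(0) if ext else "")
    return OBJECT_LINE.sub(fix, text)

def object_name(text):
    """Return the Object Name value from a message body, for inspection."""
    return OBJECT_LINE.search(text).group(2)

if __name__ == "__main__":
    for p in (r"C:\Users\alice\Documents\payroll.2024.xlsx",
              r"C:\Users\alice.smith\notes",
              r"C:\Users\alice\Documents\notes"):
        print(object_name(redact_posted(event(p))), "|",
              object_name(redact_leaf(event(p))))
```

With the posted pattern, a dotted directory such as `alice.smith` is masked in place of the file name, and a name without an extension passes through unredacted.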