Solved: How to apply regex to a field?

thanks javiergn

one more question please, i want to apply a condition on the extracted field that is must exist, here’s my search:

index=proxy | rex field=url “http[s]?:\/\/[\w]{1,}\.[\w]{1,}\/(?<ppp>[0-9a-z]{10})$”
| where ppp=*
| table _time src dest_ip dest user ppp url status

but i get this error:

Error in ‘where’ command: The expression is malformed. An unexpected character  is reached at ‘* ‘. 

what can i do to fix this ?

thanks