#! /usr/bin/env bash
#
# Replace columns from "zeekctl top" output that are not predictable
# (such as PID) with Xs.

awk '{
    if ( $1 !~ /Name/ )
    {
        # Check the format of each field, and replace with Xs only if the
        # format is expected (some fields have unpredictable length, but
        # we need a constant-width string of Xs).
        if ( $4 ~ /^[0-9]+$/ ) { $4 = "XXXXX" }       # Pid
        if ( $5 ~ /^[0-9]+[KMG]$/ ) { $5 = "XXX" }    # VSize
        if ( $6 ~ /^[0-9]+[KMG]$/ ) { $6 = "XXX" }    # Rss
        if ( $7 ~ /^[0-9]+%$/ ) { $7 = "XX%" }        # Cpu
        if ( $8 ~ /^(zeek|[Pp]ython.*)$/ ) { $8 = "XXX" } # Cmd
    }

    print
}' | sort