Regular Expressions 101

Community Patterns

OpenVPN access log

0

Regular Expression
PCRE2 (PHP >=7.3)

/
^(?P<dst_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})?,?(?P<User>[a-zA-Z._\d]+),(?P<src_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):(?<ID>\d+)
/
gm

Description

This regular expression can be used in SIEM or scripts to extract special fields such as:

Submitted by EskiSlav - 2 years ago (Last modified 2 years ago)