Regular Expressions 101

Community Patterns

Community Library Entry

0

Regular Expression
ECMAScript (JavaScript)

/
\d\s\d+\s\S+\s(?<srcaddr>(?:[0-9]{1,3}\.){3}[0-9]{1,3})\s(?<dstaddr>(?:[0-9]{1,3}\.){3}[0-9]{1,3})\s(?<srcport>\d+)\s(?<dstport>\d+)[\s\d+\s]{1,}(?<action>\w+)\s(?<status>\w+)$
/
gm

Description

This will pull out the source, destination IP addresses and the destination port from a default ENI flow log entry.

Submitted by Abram Flansburg - 3 years ago (Last modified 3 years ago)