Regular Expressions 101

Community Patterns

watched_movie

1

Regular Expression
PCRE (PHP <7.3)

/
(.*Request.*\[(?P<req_ip>.*)\:.*\].*GZIP)\n(.*)\n(.*)\n(.*Play.*\'(?P<watched>.*)\'.*)\n(.*User is\s(?P<who>.*)\s\(.*)\n(.*Device is(?P<device>.*)\.)\n(.*)\n(.*Completed.*\=(?P<movie_time>\d+)\&k.*\&time\=(?P<played_time>\d+)\s\(.*)
/
g

Description

Grab multiple events with various fields from plex media logs to see who watched what and when from where. Using for splunk dashboard.

Submitted by sydvishus - 8 years ago