Regular Expressions 101

Tandem logs

Regular Expression
PCRE (PHP <7.3)

/
^<134> CEF:0\|(?<product>[^|]+)\|(?<subproduct>[^|]+)\|(?<otro>[^|]+)\|(?<category>[^|]+)\|(?<subcategory>[^|]+)\|(?<numero>[^|]+)\|cs3=\s(?<cs3>\w+)\sSessStart=\s(?<SessStart>\w+)\sSessEnd=\s(?<SessEnd>\w+)\scs4=\s+sproc=\s\\(?<sproc>[^\s]+)\sSessProcID2=\s+filePath=\s\\(?<filepath>[^\s]+)\sAncesProcID=\s+src=\s(?<src>[^\s]+)\sc6a2=\s(?<c6a2>[^\s]+)\ssourceDnsDomain=\s+CurrDir=\s+dst=\s+dhost=\s+(?<dhost>[^\s]+)\scs2=\s(?<cs2>[^\s]+)\s(?<destinationDnsDomain>[^\s]+)\s+deviceCustomDate1=\s(?<deviceCustomDate1>\w+\-\w+\-\w+\s\d+\:\d+\:\d+\.\d+)\srt=\s(?<rt>\w+\-\w+\-\w+\s\d+\:\d+\:\d+\.\d+)\sexternalId=\s(?<externalId>[^\s]+)\scn1=\s
/
gm

Description

NA

Submitted by anonymous - 3 years ago