Regular Expressions 101

suricata OSSIM regex-1

Regular Expression
Python

r"^(?P<date>\S+\s+\d{1,2}\s\d\d:\d\d:\d\d) (?P<hostname>\S+) suricata\[(?P<pid>\d+)\]: \[(?P<sid>\d+:\d+:\d+)\] (?P<msg>.+) \[Classification: (?P<classification>.+)\] \[Priority: (?P<priority>\d+)\] \{(?P<proto>.+)\} (?P<src_ip>[\d.]{7,15}):(?P<src_port>\d+) -> (?P<dst_ip>[\d.]{7,15}):(?P<dst_port>\d+)$"
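As an added Python example (not part of the regex101 entry), the pattern applied to constructed syslog lines of the form Suricata emits when its fast-log alerts are forwarded through syslog: the day-of-month is widened to `\d{1,2}` because the submitted `\d\s` only matches days 1 to 9, and the spaces after `Classification:` and `Priority:` are moved out of the capture groups so the captured values are clean. Hostnames, SIDs, rule messages and addresses in the sample lines are made up.

```python
import re

# Same pattern as the community entry, with the day-of-month widened to
# one or two digits so lines dated after the 9th of a month still match.
SURICATA_SYSLOG_RE = re.compile(
    r"^(?P<date>\S+\s+\d{1,2}\s\d\d:\d\d:\d\d) (?P<hostname>\S+) "
    r"suricata\[(?P<pid>\d+)\]: \[(?P<sid>\d+:\d+:\d+)\] (?P<msg>.+) "
    r"\[Classification: (?P<classification>.+)\] \[Priority: (?P<priority>\d+)\] "
    r"\{(?P<proto>.+)\} (?P<src_ip>[\d.]{7,15}):(?P<src_port>\d+) -> "
    r"(?P<dst_ip>[\d.]{7,15}):(?P<dst_port>\d+)$"
)

# Constructed sample input: two Suricata alerts (one with a single-digit day,
# one with a two-digit day) and one unrelated sshd line from the same host.
SAMPLE_LINES = [
    "Mar  4 12:01:17 sensor01 suricata[1423]: [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 10.0.0.5:80 -> 192.168.1.20:51234",
    "Mar 14 09:45:02 sensor01 suricata[1423]: [1:2013028:4] ET POLICY curl User-Agent Outbound [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.168.1.20:40112 -> 203.0.113.9:443",
    "Mar 14 09:45:03 sensor01 sshd[987]: Accepted publickey for ops from 192.168.1.7 port 52200 ssh2",
]


def parse_alert(line):
    """Return the alert fields as a dict (numeric fields as ints), or None if the line is not a Suricata alert."""
    m = SURICATA_SYSLOG_RE.match(line)
    if not m:
        return None
    fields = m.groupdict()
    for key in ("pid", "priority", "src_port", "dst_port"):
        fields[key] = int(fields[key])
    # Split the "gid:sid:rev" triple so the signature id alone can serve as a correlation key.
    fields["gid"], fields["sid"], fields["rev"] = (int(x) for x in fields["sid"].split(":"))
    return fields


def parse_alerts(lines):
    """Parse every line, skipping output from other daemons that shares the syslog stream."""
    return [a for a in (parse_alert(l) for l in lines) if a is not None]


if __name__ == "__main__":
    for alert in parse_alerts(SAMPLE_LINES):
        print(f'{alert["date"]} {alert["hostname"]} sid={alert["sid"]} prio={alert["priority"]} '
              f'{alert["proto"]} {alert["src_ip"]}:{alert["src_port"]} -> '
              f'{alert["dst_ip"]}:{alert["dst_port"]} "{alert["msg"]}"')
```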

Description

no description available

Submitted by anonymous - 9 years ago