Regular Expressions 101

SEBI Firewall Parser - 1

Regular Expression
PCRE (PHP <7.3)

/
>(?P<Time>.*)\s+(?P<DeviceIPAddress>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s+date=(?P<Date>.*)\s+time=(?:\d+\W+\d+\W+\d+)\s+devname=(?P<DeviceName>.*)\s+devid=(?P<DeviceID>\w+)\s+logid=(?:\d+)\s+type=(?P<LogType>\w+)\s+subtype=(?P<SubType>\w+)\s+level=(?P<Status>\w+)\s+vd=(?P<User>\w+)\s+logdesc=\W(?P<Message>.*)\W\s+session_id=(?P<Session_ID>\w+)\s+policyid=(?:\d+)\s+srcip=(?P<SourceIP>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s+srcport=(?P<SourcePort>\d+)\s+dstip=(?P<DestinationIP>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s+dstport=(?P<DestinationPort>\d+)\s+action=(?P<Action>\w+)\s+alert=(?:\d+)\s+desc=\W(?P<Description>.*)\W\s+msg=\W(?P<msg>.*)\W
/
gm

Description

No description available.

Submitted by anonymous - 3 years ago