Regular Expressions 101

Community Patterns

AEM access.log - field extraction for SPLUNK

0

Regular Expression
PCRE2 (PHP >=7.3)

/
^(?<aem_access_remote_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s(?<aem_access_domain>\S+)\s(?<aem_access_user>\S+)\s(?<aem_access_date>\S[^:]+):(?<aem_access_bytes_out>\S+)\s(?<aem_access_GMT_offset>[^ ]+)\s"(?<aem_access_request_method>[^ ]+)\s(?<aem_access_request_path>[^ ]+)\s(?<aem_access_request_protocol>[^ ]+)"\s(?<aem_access_status_code>[^ ]+)\s(?<aem_access_request_duration>[^ ]+)\s"(?<aem_access_referrer>[^ ]+)"\s"(?<aem_access_user_agent>.*)"
/
gm

Description

AEM access.log - field extraction for SPLUNK

Submitted by Robert Wunsch (wunsch@adobe.com) - a year ago