Regular Expressions 101

kasper-py-regexp for agent

Regular Expression
Python

r"(?P<device>\w+-\w+)\s+(?P<ObjectDetected>\w+.\w+.\w+.\w+.)(?P<date>\w+,\s+\w+\s+\d+,\s+\d+)\s+(?P<time>\d+:\d+:\d+\s+\w{1,2})\s+(?P<Path>[A-Z]:\\.+)\s+(?P<Type>Trojan|Virus|Worm)\s+(?P<Action>.+)(?P<Account>DOTIN\\.+)\s+(?P<AVApplication>Kaspersky.+?)(?P<version>\d+\.\d+\.\d+\.\d+)\s+(?P<Visibledate>(?:Monday,|Saturday,|Sunday,|Tuesday,|Wednesday,|Thursday,|Friday,)\s+(?:January|February|March|April|May|June|July|August|September|October|November|December)\s+\d+,\s+\d+\s+\d+:\d+:\d+\s+\w+)\s(?P<lastConnection>(?:Monday,|Saturday,|Sunday,|Tuesday,|Wednesday,|Thursday,|Friday,)\s+(?:January|February|March|April|May|June|July|August|September|October|November|December)\s+\d+,\s+\d+\s+\d+:\d+:\d+\s+(?:PM|pm|AM|am))\s+(?P<IP>\d+\.\d+\.\d+\.\d+)\s+(?P<ClientName>\w+-\w+)\s+(?P<Domain>\w+)"

Submitted by reza-ad - 8 years ago