import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class Example {
public static void main(String[] args) {
final String regex = "ASM:unit_hostname=.*?policy_name=\"(?<policy>.*?)\".*?violations=\"(?<threatid>.*?)\".*?request_status=\"(?<tag2>(?<status>\\w+))\",response_code=\"(?<responsecode>\\d+)\".*?ip_client=\"(?<sip>.*?)\".*?method=\"(?<command>\\w+)\",protocol=\"(?<protname>.*?)\"(,query_string=\"(?<tag3>.*?)\")?(.*?severity=\"(?<severity>.*?)\")?(,attack_type=\"(?<tag1>(?<threatname>.*?))\")?(.*?username=\"(n\\/a|(?<login>.*?))\")?(,session_id=\"(?<session>.*?)\")?(,src_port=\"(?<sport>\\d+)\")?(,dest_port=\"(?<dport>\\d+)\")?(,dest_ip=\"(?<dip>.*?)\")?(,sub_violations=\"(?<reason>.*?)\")?(.*?sig_cved=\"(?<threatId>.*?)\")?(.*?uri=\"(?<url>.*?)\")?.*?request=\"(?<objectname>(.*?Host: (?<dname>.*?)\\\\r\\\\n)?(.*?User-Agent:(?<useragent>.*?)\\\\r\\\\n)?(.*?Referer:(?<object>.*?)\\\\r\\\\n)?(.*?Message%22:%22(?<subject>.*?)%22)?.*?)$";
final String string = "05 19 2022 12:57:11 2.0.0.5 <LOC0:INFO> May 19 12:57:11 test2xxxx.com ASM:unit_hostname=\"test2xxxx.com\",management_ip_address=\"10.1.1.1\",management_ip_address_2=\"::\",http_class_name=\"/Common/policy\",web_application_name=\"/Common/policy\",policy_name=\"/Common/policy\",policy_apply_date=\"2022-05-18 10:34:52\",violations=\"N/A\",support_id=\"11111111111111111111111111\",request_status=\"passed\",response_code=\"200\",ip_client=\"8.0.1.7\",route_domain=\"922\",method=\"POST\",protocol=\"HTTPS\",query_string=\"\",x_forwarded_for_header_value=\"8.0.1.7\",sig_ids=\"N/A\",sig_names=\"N/A\",date_time=\"2022-05-19 12:57:11\",severity=\"Informational\",attack_type=\"N/A\",geo_location=\"SA\",ip_address_intelligence=\"N/A\",username=\"N/A\",session_id=\"dddddddddddddddddddddd\",src_port=\"23762\",dest_port=\"443\",dest_ip=\"2.2.2.2\",sub_violations=\"N/A\",virus_name=\"N/A\",violation_rating=\"0\",websocket_direction=\"N/A\",websocket_message_type=\"N/A\",device_id=\"N/A\",staged_sig_ids=\"N/A\",staged_sig_names=\"N/A\",threat_campaign_names=\"N/A\",staged_threat_campaign_names=\"N/A\",blocking_exception_reason=\"N/A\",captcha_result=\"not_received\",microservice=\"N/A\",tap_event_id=\"N/A\",tap_vid=\"N/A\",vs_name=\"/Common/RAI_web\",sig_cves=\"N/A\",staged_sig_cves=\"N/A\",uri=\"/api/surveyssettings/update\",fragment=\"\",request=\"POST /api/surveyssettings/update HTTP/1.1\\r\\nHost: rai.xxxx.com\\r\\nConnection: keep-alive\\r\\nContent-Length: 601\\r\\nsec-ch-ua: %22 Not A;Brand%22;v=%2299%22, %22Chromium%22;v=%22101%22, %22Google Chrome%22;v=%22101%22\\r\\nAccept: application/json, text/plain, */*\\r\\nLang: ar\\r\\nsec-ch-ua-mobile: ?0\\r\\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36\\r\\nsec-ch-ua-platform: %22Windows%22\\r\\nContent-Type: application/json;charset=UTF-8\\r\\nOrigin: https://rai.xxxx.com\\r\\nSec-Fetch-Site: same-origin\\r\\nSec-Fetch-Mode: cors\\r\\nSec-Fetch-Dest: empty\\r\\nAccept-Encoding: gzip, deflate, br\\r\\nAccept-Language: en,ar;q=0.9,en-US;q=0.8\\r\\nCookie: .AspNetCore.Culture=c%3Dar-SA%7Cuic%3Dar-SA; BPBBBBBBB=d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5d5; dm2=!v87cvbt78ffdv76tv87ht87vtsdb879bt879ftb7s6dbt87asdtf786astd7b6as76dftba87fa76sdfbt876asdtbf76sndtb7asdf76t7d6ft76dtbf/OUM=; .AspNetCore.Cookies=f7h5765hs87df5h8s7d6f5hf587s6dfh876sdfh765dfh675sfdsdf7g5fg675fd76g-ftf54-562PlNFc546v54v6hYJrSOhPPIfbpzCvi8rhMZUv0ub8sf8nXwUv45634v5vkhrB-45656WRv54654HI-_54yhg5CFuQ05QmPP6trytrye0ch2trP-rtfoNvDeWNMqZmuslvCMRrghUrpl8C8xu-zeaserytOYtIJZw25v9u42i40S-456756ujMrtysrtyjb-dtru56h_g6; BP404e1a15=408a4314117c2e61ghjgfhgfhfh88709870987hg9086dfgh986fg986fg98hj6dfg098h6fg9h854de21ea0a3790034b8919b02daa1bf81cf038f3d282781711\\r\\nX-Forwarded-For: 86.60.117.57\\r\\n\\r\\n{%22endDate%22:null,%22showProgressBar%22:null,%22collectEmail%22:null,%22isAnonymous%22:false,%22attachmentsId%22:null,%22surveyKey%22:%22CfDJ8OQ9_rktECJNqRvUhdqKqxP9-wJQSCczhFTirF_heCwZVV3YnmhnUIxvjigVY7duV6iL6v8rVeEfeeUNZsJR7Eo65eH62wPhGV5EFjLH456hfjHtTuuEJkfoCa_OJ0UQ%22,%22attachmentsTitle%22:null,%22confirmMessage%22:%22Thanks for your feedback%22,%22themeColor%22:null,%22backgroundColor%22:null,%22acceptNotification%22:true,%22objectKey%22:%2206950336-j560-dfjh65-8f92-hgfdrtuyrtu6d3%22,%22entityCode%22:%tuhtyu9_rktECJNqRvUhdqKqxO4456756jhfjfdD5fVruvMfOLS_Xq9vElFp9veszDJj-9O2FE-O5XfnV7vTd7gKrn1nwfgjhj657rJhg%22}\",response=\"Response logging disabled\"";
final Pattern pattern = Pattern.compile(regex, Pattern.MULTILINE);
final Matcher matcher = pattern.matcher(string);
while (matcher.find()) {
System.out.println("Full match: " + matcher.group(0));
for (int i = 1; i <= matcher.groupCount(); i++) {
System.out.println("Group " + i + ": " + matcher.group(i));
}
}
}
}
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Java, please visit: https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html