Regular Expressions 101

Save & Share

  • Regex Version: ver. 1
  • Update Regex
    ctrl+⇧+s
  • Save new Regex
    ctrl+s
  • Add to Community Library

Flavor

  • PCRE2 (PHP >=7.3)
  • PCRE (PHP <7.3)
  • ECMAScript (JavaScript)
  • Python
  • Golang
  • Java 8
  • .NET 7.0 (C#)
  • Rust
  • Regex Flavor Guide

Function

  • Match
  • Substitution
  • List
  • Unit Tests

Tools

Sponsors
There are currently no sponsors. Become a sponsor today!
An explanation of your regex will be automatically generated as you type.
Detailed match information will be displayed here automatically.
  • All Tokens
  • Common Tokens
  • General Tokens
  • Anchors
  • Meta Sequences
  • Quantifiers
  • Group Constructs
  • Character Classes
  • Flags/Modifiers
  • Substitution
  • A single character of: a, b or c
    [abc]
  • A character except: a, b or c
    [^abc]
  • A character in the range: a-z
    [a-z]
  • A character not in the range: a-z
    [^a-z]
  • A character in the range: a-z or A-Z
    [a-zA-Z]
  • Any single character
    .
  • Alternate - match either a or b
    a|b
  • Any whitespace character
    \s
  • Any non-whitespace character
    \S
  • Any digit
    \d
  • Any non-digit
    \D
  • Any word character
    \w
  • Any non-word character
    \W
  • Non-capturing group
    (?:...)
  • Capturing group
    (...)
  • Zero or one of a
    a?
  • Zero or more of a
    a*
  • One or more of a
    a+
  • Exactly 3 of a
    a{3}
  • 3 or more of a
    a{3,}
  • Between 3 and 6 of a
    a{3,6}
  • Start of string
    ^
  • End of string
    $
  • A word boundary
    \b
  • Non-word boundary
    \B

Regular Expression
No Match

/
/
gm

Test String

Code Generator

Language

Generated Code

#include <StringConstants.au3> ; to declare the Constants of StringRegExp #include <Array.au3> ; UDF needed for _ArrayDisplay and _ArrayConcatenate Local $sRegex = "(?m)(Account Name: (?!-$)([\w\_\-\:\.]+))|(Account Domain: (?!-$)([\w\_\-\:\.]+))|(Workstation Name: ([a-zA-Z\_]+))|(Source Network Address: ([0-9\.]+))" Local $sString = "An account failed to log on." & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "Subject:" & @CRLF & _ "" & @CRLF & _ " Security ID: NULL SID" & @CRLF & _ "" & @CRLF & _ " Account Name: -" & @CRLF & _ "" & @CRLF & _ " Account Domain: -" & @CRLF & _ "" & @CRLF & _ " Logon ID: 0x0" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "Logon Type: 3" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "Account For Which Logon Failed:" & @CRLF & _ "" & @CRLF & _ " Security ID: NULL SID" & @CRLF & _ "" & @CRLF & _ " Account Name: smith" & @CRLF & _ "" & @CRLF & _ " Account Domain: DOMAIN_D" & @CRLF & _ "" & @CRLF & _ " Account Domain: DOMAIN-D" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "Failure Information:" & @CRLF & _ "" & @CRLF & _ " Failure Reason: Unknown user name or bad password." & @CRLF & _ "" & @CRLF & _ " Status: 0xC000006D" & @CRLF & _ "" & @CRLF & _ " Sub Status: 0xC000006A" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "Process Information:" & @CRLF & _ "" & @CRLF & _ " Caller Process ID: 0x0" & @CRLF & _ "" & @CRLF & _ " Caller Process Name: -" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "Network Information:" & @CRLF & _ "" & @CRLF & _ " Workstation Name: SMITH_D" & @CRLF & _ "" & @CRLF & _ " Source Network Address: 192.168.52.165" & @CRLF & _ "" & @CRLF & _ " Source Port: 0" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "Detailed Authentication Information:" & @CRLF & _ "" & @CRLF & _ " Logon Process: NtLmSsp " & @CRLF & _ "" & @CRLF & _ " Authentication Package: NTLM" & @CRLF & _ "" & @CRLF & _ " Transited Services: -" & @CRLF & _ "" & @CRLF & _ " Package Name (NTLM only): -" & @CRLF & _ "" & @CRLF & _ " Key Length: 0" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "This event is generated when a logon request fails. It is generated on the computer where access was attempted." & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe." & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network)." & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "The Process Information fields indicate which account and process on the system requested the logon." & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases." & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "" & @CRLF & _ "The authentication information fields provide detailed information about this specific logon request." & @CRLF & _ "" & @CRLF & _ " - Transited services indicate which intermediate services have participated in this logon request." & @CRLF & _ "" & @CRLF & _ " - Package name indicates which sub-protocol was used among the NTLM protocols." & @CRLF & _ "" & @CRLF & _ " - Key length indicates the length of the generated session key. This will be 0 if no session key was requested." Local $aArray = StringRegExp($sString, $sRegex, $STR_REGEXPARRAYGLOBALFULLMATCH) Local $aFullArray[0] For $i = 0 To UBound($aArray) -1 _ArrayConcatenate($aFullArray, $aArray[$i]) Next $aArray = $aFullArray ; Present the entire match result _ArrayDisplay($aArray, "Result")

Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for AutoIt, please visit: https://www.autoitscript.com/autoit3/docs/functions/StringRegExp.htm