import re
regex = re.compile(r"Integrity checksum changed for:\s\'(?<pathName>[^\']+)")
test_str = ("2016 Oct 30 19:13:08 (AAV) 145.46.122.14->syscheck-registry\n"
" Rule: 596 (level 5) -> 'Registry Integrity Checksum Changed Again (3rd time)'\n"
" Integrity checksum changed for: 'HKEY_LOCAL_MACHINE\\Security\\SAM\\Domains\\Account'\n"
" Old md5sum was: '27511968a811898f0d7f1fed393d31d7'\n"
"5. New md5sum is : '5876c6ae278cce7ff2108d8396e10ddc'\n"
" Old sha1sum was: 'd94f9ea544b6b04caabc80d5bbe6b94854ae3406'\n"
" New sha1sum is : 'b46d17a3ddc54b5d03464374514398a1835f857e'\n\n\n\n"
"2016 Oct 29 06:53:09 (AAB) 145.46.40.146->syscheck-registry\n"
" Rule: 594 (level 5) -> 'Registry Integrity Checksum Changed'\n"
" Integrity checksum changed for: 'HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\Tomcat'\n"
" Old md5sum was: '3288a8f072b45b2fa9d879b2ba0fe453'\n"
"5. New md5sum is : 'ff17914ec4722e9b7d3scdb508c5d55d'\n"
" Old sha1sum was: '4d6b33e40721s837cd8de090ef0468b6b20a1f3b'\n"
" New sha1sum is : '270dca37b8681ca739de4493b704333fb3be86a3'\n\n")
matches = regex.finditer(test_str)
for match_num, match in enumerate(matches, start=1):
print(f"Match {match_num} was found at {match.start()}-{match.end()}: {match.group()}")
for group_num, group in enumerate(match.groups(), start=1):
print(f"Group {group_num} found at {match.start(group_num)}-{match.end(group_num)}: {group}")
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Python, please visit: https://docs.python.org/3/library/re.html