Regular Expressions 101

Save & Share

Flavor

  • PCRE2 (PHP >=7.3)
  • PCRE (PHP <7.3)
  • ECMAScript (JavaScript)
  • Python
  • Golang
  • Java 8
  • .NET 7.0 (C#)
  • Rust
  • Regex Flavor Guide

Function

  • Match
  • Substitution
  • List
  • Unit Tests

Tools

Sponsors
There are currently no sponsors. Become a sponsor today!
An explanation of your regex will be automatically generated as you type.
Detailed match information will be displayed here automatically.
  • All Tokens
  • Common Tokens
  • General Tokens
  • Anchors
  • Meta Sequences
  • Quantifiers
  • Group Constructs
  • Character Classes
  • Flags/Modifiers
  • Substitution
  • A single character of: a, b or c
    [abc]
  • A character except: a, b or c
    [^abc]
  • A character in the range: a-z
    [a-z]
  • A character not in the range: a-z
    [^a-z]
  • A character in the range: a-z or A-Z
    [a-zA-Z]
  • Any single character
    .
  • Alternate - match either a or b
    a|b
  • Any whitespace character
    \s
  • Any non-whitespace character
    \S
  • Any digit
    \d
  • Any non-digit
    \D
  • Any word character
    \w
  • Any non-word character
    \W
  • Non-capturing group
    (?:...)
  • Capturing group
    (...)
  • Zero or one of a
    a?
  • Zero or more of a
    a*
  • One or more of a
    a+
  • Exactly 3 of a
    a{3}
  • 3 or more of a
    a{3,}
  • Between 3 and 6 of a
    a{3,6}
  • Start of string
    ^
  • End of string
    $
  • A word boundary
    \b
  • Non-word boundary
    \B

Regular Expression
No Match

/
/
g

Test String

Code Generator

Language

Generated Code

#include <StringConstants.au3> ; to declare the Constants of StringRegExp #include <Array.au3> ; UDF needed for _ArrayDisplay and _ArrayConcatenate Local $sRegex = "\[\*\*\]\s*\[([0-9]*)\:([0-9]*)\:([0-9]*)\]\s*([A-Za-z0-9\s_\-]*)\[\*\*\]\s*\[Classification\:([\s*A-Za-z]*)\]\s*\[Priority\:([\s*0-9]*)\]\s*([0-9\/\-\:\.]*).\s*([0-9\.\:]*)\s*\s*\-\>\s*([0-9\.\:]*)\s*([A-Z]*)\s*TTL\:([0-9]*)\s*TOS\:([0-9a-z]*)\s*ID\:([0-9]*)\s*IpLen\:([0-9]*)\s*DgmLen\:([0-9]*)\s*" Local $sString = "[**] [1:2925:3] INFO web bug 0x0 gif attempt [**]" & @CRLF & _ "[Classification: Misc activity] [Priority: 3] " & @CRLF & _ "11/29-13:47:40.115422 173.193.208.130:80 -> 192.168.89.10:1585" & @CRLF & _ "TCP TTL:55 TOS:0x0 ID:26660 IpLen:20 DgmLen:596 DF" & @CRLF & _ "***AP*** Seq: 0xC1F5317B Ack: 0x9D29EAE0 Win: 0x4D00 TcpLen: 20" & @CRLF & _ "" & @CRLF & _ "[**] [1:2001664:7] ET P2P Gnutella Connect [**]" & @CRLF & _ "[Classification: Potential Corporate Privacy Violation] [Priority: 1] " & @CRLF & _ "07/11-10:25:16.767778 192.168.29.10:1069 -> 78.251.240.180:6346" & @CRLF & _ "TCP TTL:128 TOS:0x0 ID:555 IpLen:20 DgmLen:230 DF" & @CRLF & _ "***AP*** Seq: 0x26D2EC45 Ack: 0xB2CF6DED Win: 0xFFFF TcpLen: 20" & @CRLF & _ "[Xref => http://doc.emergingthreats.net/bin/view/Main/2001664][Xref => http://www.gnutella.com]" & @CRLF & _ "" & @CRLF & _ "[**] [1:1917:6] SCAN UPnP service discover attempt [**]" & @CRLF & _ "[Classification: Detection of a Network Scan] [Priority: 3] " & @CRLF & _ "05/18-05:39:09.470388 192.168.87.10:1037 -> 239.255.255.250:1900" & @CRLF & _ "UDP TTL:1 TOS:0x0 ID:367 IpLen:20 DgmLen:161" & @CRLF & _ "Len: 133" & @CRLF & _ "" & @CRLF & _ "[**] [1:399:6] ICMP Destination Unreachable Host Unreachable [**]" & @CRLF & _ "[Classification: Misc activity] [Priority: 3] " & @CRLF & _ "10/04-07:47:30.314309 64.94.0.15 -> 192.168.34.10" & @CRLF & _ "ICMP TTL:251 TOS:0x0 ID:3329 IpLen:20 DgmLen:56" & @CRLF & _ "Type:3 Code:1 DESTINATION UNREACHABLE: HOST UNREACHABLE" & @CRLF & _ "** ORIGINAL DATAGRAM DUMP:" & @CRLF & _ "192.168.34.10:1054 -> 86.55.140.203:80" & @CRLF & _ "TCP TTL:123 TOS:0x0 ID:288 IpLen:20 DgmLen:48 DF" & @CRLF & _ "Seq: 0xB8E82AB7" & @CRLF & _ "** END OF DUMP" & @CRLF & _ "" & @CRLF & _ "[**] [1:486:4] ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited [**]" & @CRLF & _ "[Classification: Misc activity] [Priority: 3] " & @CRLF & _ "09/03-01:17:27.235233 94.75.225.186 -> 192.168.20.10" & @CRLF & _ "ICMP TTL:53 TOS:0x0 ID:61974 IpLen:20 DgmLen:68" & @CRLF & _ "Type:3 Code:10 DESTINATION UNREACHABLE: ADMINISTRATIVELY PROHIBITED HOST FILTERED" & @CRLF & _ "** ORIGINAL DATAGRAM DUMP:" & @CRLF & _ "192.168.20.10:1040 -> 94.75.225.186:80" & @CRLF & _ "TCP TTL:111 TOS:0x0 ID:160 IpLen:20 DgmLen:40 DF" & @CRLF & _ "Seq: 0xCD429A54" & @CRLF & _ "(12 more bytes of original packet)" & @CRLF & _ "** END OF DUMP" & @CRLF & _ "" & @CRLF & _ "[**] [1:1917:6] SCAN UPnP service discover attempt [**]" & @CRLF & _ "[Classification: Detection of a Network Scan] [Priority: 3] " & @CRLF & _ "03/13-15:01:46.813719 192.168.42.10:1033 -> 239.255.255.250:1900" & @CRLF & _ "UDP TTL:1 TOS:0x0 ID:349 IpLen:20 DgmLen:161" & @CRLF & _ "Len: 133" Local $aArray = StringRegExp($sString, $sRegex, $STR_REGEXPARRAYGLOBALFULLMATCH) Local $aFullArray[0] For $i = 0 To UBound($aArray) -1 _ArrayConcatenate($aFullArray, $aArray[$i]) Next $aArray = $aFullArray ; Present the entire match result _ArrayDisplay($aArray, "Result")

Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for AutoIt, please visit: https://www.autoitscript.com/autoit3/docs/functions/StringRegExp.htm