Regular Expressions 101

Save & Share

  • Regex Version: ver. 1
  • Update Regex
    ctrl+⇧+s
  • Save new Regex
    ctrl+s
  • Add to Community Library

Flavor

  • PCRE2 (PHP >=7.3)
  • PCRE (PHP <7.3)
  • ECMAScript (JavaScript)
  • Python
  • Golang
  • Java 8
  • .NET 7.0 (C#)
  • Rust
  • Regex Flavor Guide

Function

  • Match
  • Substitution
  • List
  • Unit Tests

Tools

Sponsors
There are currently no sponsors. Become a sponsor today!
An explanation of your regex will be automatically generated as you type.
Detailed match information will be displayed here automatically.
  • All Tokens
  • Common Tokens
  • General Tokens
  • Anchors
  • Meta Sequences
  • Quantifiers
  • Group Constructs
  • Character Classes
  • Flags/Modifiers
  • Substitution
  • A single character of: a, b or c
    [abc]
  • A character except: a, b or c
    [^abc]
  • A character in the range: a-z
    [a-z]
  • A character not in the range: a-z
    [^a-z]
  • A character in the range: a-z or A-Z
    [a-zA-Z]
  • Any single character
    .
  • Alternate - match either a or b
    a|b
  • Any whitespace character
    \s
  • Any non-whitespace character
    \S
  • Any digit
    \d
  • Any non-digit
    \D
  • Any word character
    \w
  • Any non-word character
    \W
  • Non-capturing group
    (?:...)
  • Capturing group
    (...)
  • Zero or one of a
    a?
  • Zero or more of a
    a*
  • One or more of a
    a+
  • Exactly 3 of a
    a{3}
  • 3 or more of a
    a{3,}
  • Between 3 and 6 of a
    a{3,6}
  • Start of string
    ^
  • End of string
    $
  • A word boundary
    \b
  • Non-word boundary
    \B

Regular Expression
No Match

/
/
gm

Test String

Code Generator

Language

Generated Code

#include <StringConstants.au3> ; to declare the Constants of StringRegExp #include <Array.au3> ; UDF needed for _ArrayDisplay and _ArrayConcatenate Local $sRegex = "(?m)Processing Initiated: (?<TimeStamp>\w+\s+\w+\s+\d+\s+\d+:\d+:\d+\s+\d+)\s+.*Date Range Processed:\s+yesterday\s+\(\s+(?<Date_Range>[^ ]*)\s+.*\s+.*\s+Detail Level of Output:(?<Level_of_input>[^ ]*)\s+Type of Output\/Format:\s+(?<Type>.*)\s*Logfiles for Host: (?<Logfile>[^ ]*)\s+\#" Local $sString = "#################### Logwatch 7.4.0 (03/01/11) ####################" & @CRLF & _ " Processing Initiated: Mon Apr 8 10:26:58 2019" & @CRLF & _ " Date Range Processed: yesterday" & @CRLF & _ " ( 2019-Apr-07 )" & @CRLF & _ " Period is day." & @CRLF & _ " Detail Level of Output:5" & @CRLF & _ " Type of Output/Format: file / text" & @CRLF & _ " Logfiles for Host: vdlsplunkapph08" & @CRLF & _ "##################################################################" & @CRLF & _ "" & @CRLF & _ "------------------------Kernel Audit Begin------------------------" & @CRLF & _ "**Unmatched Entries** (Only first 100 out of 127 are printed)" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch error reporting limit reached - ending report notification." & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "dispatch err (pipe full) event lost" & @CRLF & _ "" & @CRLF & _ "---------------------- Kernel Audit End -------------------------" & @CRLF & _ "" & @CRLF & _ "---------------------Kernel Begin -----------------------------" & @CRLF & _ "WARNING: Kernel Errors Present" & @CRLF & _ " blk_update_request: I/O error, dev fdO, sector ...: 51 Time(s)" & @CRLF & _ "" & @CRLF & _ "2 Time(s): hpet: lost 1 rtc interrupts" & @CRLF & _ "5 Time(s): hpet: lost 10 rtc interrupts" & @CRLF & _ "4 Time(s): hpet: lost 11 rtc interrupts" & @CRLF & _ "3 Time(s): hpet: lost 13 rtc interrupts" & @CRLF & _ "2 Time(s): hpet: lost 14 rtc interrupts" & @CRLF & _ "5 Time(s): hpet: lost 15 rtc interrupts" & @CRLF & _ "2 Time(s): hpet: lost 16 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 17 rtc interrupts" & @CRLF & _ "4 Time(s): hpet: lost 18 rtc interrupts" & @CRLF & _ "4 Time(s): hpet: lost 19 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 2 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 20 rtc interrupts" & @CRLF & _ "3 Time(s): hpet: lost 22 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 23 rtc interrupts" & @CRLF & _ "2 Time(s): hpet: lost 24 rtc interrupts" & @CRLF & _ "2 Time(s): hpet: lost 25 rtc interrupts" & @CRLF & _ "4 Time(s): hpet: lost 26 rtc interrupts" & @CRLF & _ "2 Time(s): hpet: lost 27 rtc interrupts" & @CRLF & _ "3 Time(s): hpet: lost 3 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 31 rtc interrupts" & @CRLF & _ "2 Time(s): hpet: lost 32 rtc interrupts" & @CRLF & _ "5 Time(s): hpet: lost 34 rtc interrupts" & @CRLF & _ "2 Time(s): hpet: lost 36 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 37 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 38 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 39 rtc interrupts" & @CRLF & _ "4 Time(s): hpet: lost 4 rtc interrupts" & @CRLF & _ "2 Time(s): hpet: lost 40 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 41 rtc interrupts" & @CRLF & _ "2 Time(s): hpet: lost 42 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 43 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 47 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 48 rtc interrupts" & @CRLF & _ "3 Time(s): hpet: lost 5 rtc interrupts" & @CRLF & _ "3 Time(s): hpet: lost 6 rtc interrupts" & @CRLF & _ "2 Time(s): hpet: lost 7 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 8 rtc interrupts" & @CRLF & _ "1 Time(s): hpet: lost 9 rtc interrupts" & @CRLF & _ "" & @CRLF & _ "----------------------Kernel End ----------------------" & @CRLF & _ "" & @CRLF & _ "---------------------pam_unix Begin ---------------------" & @CRLF & _ "sshd: " & @CRLF & _ " Sessions Opened:" & @CRLF & _ " fk012640: 1 Time(s)" & @CRLF & _ " runansi: 1 Time(s)" & @CRLF & _ "" & @CRLF & _ "sudo:" & @CRLF & _ " Sessions Opened:" & @CRLF & _ " root -> root: 1 Time(s)" & @CRLF & _ "" & @CRLF & _ "----------------------pam_unix End-------------------------" & @CRLF & _ "" & @CRLF & _ "----------------------Postfix Begin------------------------" & @CRLF & _ "******Summary***************************************************************************************" & @CRLF & _ "" & @CRLF & _ " 13.569k Bytes accepted 13,895" & @CRLF & _ "123.627k Bytes sent via SMTP 126,594" & @CRLF & _ " 13.569k Bytes forwarded 13,895" & @CRLF & _ "======== =========================================================" & @CRLF & _ "" & @CRLF & _ " 1 Accepted 100.00%" & @CRLF & _ "-------- ---------------------------------------------------------" & @CRLF & _ " 1 Total 100.00%" & @CRLF & _ "======== =========================================================" & @CRLF & _ "" & @CRLF & _ " 2 Removed from queue" & @CRLF & _ " 9 Sent via SMTP" & @CRLF & _ " 1 Forwarded" & @CRLF & _ " " & @CRLF & _ " 1 PIX workaround enabled" & @CRLF & _ "" & @CRLF & _ "****** Detail (1) **************************************************************************************" & @CRLF & _ "" & @CRLF & _ " 9 Sent via SMTP --------------------------------------------------------------------------------" & @CRLF & _ " 9 syf.com" & @CRLF & _ "" & @CRLF & _ " 1 Forwarded--------------------------------------------------------------------------------------" & @CRLF & _ " 1 vdlsplunkapph08.prvcld.syfbank.com" & @CRLF & _ "" & @CRLF & _ " 1 PIX workaround enabled-------------------------------------------------------------------------" & @CRLF & _ " 1 disabled_esmtp delay_dotcrlf" & @CRLF & _ "" & @CRLF & _ "===Delivery Delays Percentiles ==============================================================" & @CRLF & _ " 0% 25% 50% 75% 90% 95% 98% 100%" & @CRLF & _ "---------------------------------------------------------------------------------------------" & @CRLF & _ "Before qmgr 0.01 0.01 0.01 0.01 0.18 0.94 1.40 1.70" & @CRLF & _ "In qmgr 0.01 0.02 0.02 0.02 0.02 0.02 0.02 0.02" & @CRLF & _ "Conn setup 0.00 0.04 0.04 0.04 0.04 0.04 0.04 0.04" & @CRLF & _ "Transmission 0.01 0.90 0.90 0.90 0.90 0.90 0.90 0.90" & @CRLF & _ "Total 0.96 0.96 0.96 0.96 1.03 1.37 1.57 1.70" & @CRLF & _ "============================================================================================= " & @CRLF & _ "" & @CRLF & _ "--------------------Postfix End------------------------------" & @CRLF & _ "" & @CRLF & _ "--------------------SSHD Begin-----------------------------" & @CRLF & _ "" & @CRLF & _ "Users logging in through sshd:" & @CRLF & _ " fk012640:" & @CRLF & _ " 10.65.26.142 (pplsplunkapda14.sec.syfbank.com): 1 time" & @CRLF & _ " runansi:" & @CRLF & _ " 10.144.33.20 (vdlnixcwapda01.prvcld.syfbank.com): 1 time" & @CRLF & _ "" & @CRLF & _ "Received disconnect:" & @CRLF & _ " 11:disconnected by user" & @CRLF & _ " 10.144.33.20 : 1 Time(s)" & @CRLF & _ " 10.65.26.142 : 1 Time(s)" & @CRLF & _ "" & @CRLF & _ "----------------------SSHD End -----------------------------" & @CRLF & _ "" & @CRLF & _ "---------------------Sudo (secure-log) Begin-------------------------" & @CRLF & _ "" & @CRLF & _ "fk012640 => root" & @CRLF & _ "----------------" & @CRLF & _ "/home/fk001233/scripts_for_SDC/logwatch.sh - 1 Time(s)." & @CRLF & _ "" & @CRLF & _ "-----------------------Sudo (secure-log) End----------------------------" & @CRLF & _ "" & @CRLF & _ "----------------------Disk Space Begin -----------------------------" & @CRLF & _ "Filesystem Size Used Avail Use% Mounted on" & @CRLF & _ " /dev/mapper/rootvg-root 35G 9.6G 26G 28% /" & @CRLF & _ " devtmpfs 32G 0 32G 0% /dev" & @CRLF & _ " /dev/mapper/vg_application-lv_opt_splunk 1.1T 2.7G 1.1T 1% /opt/splunk" & @CRLF & _ " /dev/sdb1 4.8G 20M 4.6G 1% /appbin" & @CRLF & _ " /dev/sda1 497M 178M 319M 36% /boot" & @CRLF & _ " npnfs8080c1da01-nfs:/vol/AISB_ATS_HOME/home/fk012640 23T 13T 11T 55% /home/fk012640" & @CRLF & _ " npnfs8080c1da01-nfs:/vol/AISB_AIS_HOME/home/fk001233 23T 13T 11T 55% /home/fk001233" & @CRLF & _ " npnfs8080c1da01-nfs:/vol/AISB_AIS_HOME/home/fk001233 23T 13T 11T 55% /home/splunk" & @CRLF & _ "" & @CRLF & _ "--------------------------Disk Space End -------------------------" & @CRLF & _ "" & @CRLF & _ "####################Logwatch End ####################" & @CRLF & _ " " & @CRLF & _ "" Local $aArray = StringRegExp($sString, $sRegex, $STR_REGEXPARRAYGLOBALFULLMATCH) Local $aFullArray[0] For $i = 0 To UBound($aArray) -1 _ArrayConcatenate($aFullArray, $aArray[$i]) Next $aArray = $aFullArray ; Present the entire match result _ArrayDisplay($aArray, "Result")

Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for AutoIt, please visit: https://www.autoitscript.com/autoit3/docs/functions/StringRegExp.htm