import java.util.regex.Matcher;
import java.util.regex.Pattern;
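/**
 * Runs a syslog-record regular expression over an embedded sample log and prints every match
 * together with its capture groups.
 *
 * <p>The pattern extracts four named fields from each record: {@code FechayHora} (timestamp),
 * {@code LogLevel} (facility.severity), {@code Hostname} (IPv4 address or a
 * {@code *.cerrey.com.mx} name) and {@code mensaje} (message text).
 */
public class Example {

    /**
     * Compiles the record pattern, scans the sample log and prints each match to standard output.
     *
     * @param args command-line arguments; not used
     */
    public static void main(String[] args) {
        // Java spells named groups (?<name>...). The Python/PCRE spelling (?P<name>...) is rejected
        // by Pattern.compile with a PatternSyntaxException, so the program never reached the
        // matching loop.
        //
        // The timestamp ranges are also corrected: the day used to stop at 29 and the minute and
        // second fields reused the 00-23 hour range, so any record stamped on the 30th/31st or
        // after minute/second 23 was silently skipped, which is a blind spot for a log parser.
        final String regex =
            "(?<FechayHora>20[0-9]{2}-(?:0[1-9]|1[0-2])-(?:0[1-9]|[12]\\d|3[01])"
                + "\\s(?:[01]\\d|2[0-3]):[0-5]\\d:[0-5]\\d)"
                + "(?:,|\\s)"
                + "(?<LogLevel>(?:\\w*\\.?\\w*))"
                + "(?:,|\\s)"
                + "(?<Hostname>(?:\\d{1,3}\\.){3}\\d{1,3}|(?:\\w*\\.cerrey\\.com\\.mx))"
                + "(?:,|\\s)"
                // The message class has no '.', so the capture ends at the first dot in the text
                // (for example inside a host name); everything after it is not part of the match.
                + "(?<mensaje>\\\"?[\\w\\s:,\\[\\]()/-]*\\\"?)";

        // NOTE(review): the pattern is not anchored to the start of a line, so record-shaped text
        // inside a message body is reported as a record of its own. Message content comes from the
        // logging hosts; if records always start a line, prefix the pattern with ^ (MULTILINE is
        // already set below) - confirm against the real feed.
        final String sampleLog = "2023-05-21 00:00:00,Daemon.Info,172.16.1.247,May 21 00:40:01 flex3 systemd: Created slice User Slice of root.\n"
            + "2023-05-21 00:00:00,Daemon.Info,MTYDC02.cerrey.com.mx,May 21 00:40:01 flex3 systemd: Starting User Slice of root.\n"
            + "2023-05-21 00:00:00,Daemon.Info,172.16.1.247,May 21 00:40:01 flex3 systemd: Started Session 2782 of user root.\n"
            + "2023-05-21 00:00:00,Daemon.Info,172.16.1.247,May 21 00:40:01 flex3 systemd: Starting Session 2782 of user root.\n"
            + "2023-05-21 00:00:00,Cron.Info,172.16.1.247,May 21 00:40:01 flex3 CROND[23978]: (root) CMD (/usr/lib64/sa/sa1 1 1)\n"
            + "2023-05-21 00:00:00,Daemon.Info,172.16.1.247,May 21 00:40:01 flex3 systemd: Removed slice User Slice of root.\n"
            + "2023-05-21 00:00:00,Daemon.Info,172.16.1.247,May 21 00:40:01 flex3 systemd: Stopping User Slice of root.\n"
            + "2023-05-21 00:00:01,System3.Critical,MTYSYSLOG.cerrey.com.mx,may 21 00:00:01 MTYSYSLOG.cerrey.com.mx MSWinEventLog 2 Security 10337 dom may 21 00:00:00 2023 4673 Microsoft-Windows-Security-Auditing N/A Audit Failure MTYSYSLOG.cerrey.com.mx 13056 A privileged service was called.\n\n"
            + "Subject:\n"
            + " Security ID: S-1-5-19\n"
            + " Account Name: LOCAL SERVICE\n"
            + " Account Domain: NT AUTHORITY\n"
            + " Logon ID: 0x3E5\n\n"
            + "Service:\n"
            + " Server: Security\n"
            + " Service Name: -\n\n"
            + "Process:\n"
            + " Process ID: 0x1f1c\n"
            + " Process Name: C:\\Windows\\System32\\svchost.exe\n\n"
            + "Service Request Information:\n"
            + " Privileges: SeProfileSingleProcessPrivilege\n"
            + "2023-05-21 00:00:01,System3.Critical,MTYSYSLOG.cerrey.com.mx,may 21 00:00:01 MTYSYSLOG.cerrey.com.mx MSWinEventLog 2 Security 10338 dom may 21 00:00:00 2023 4673 Microsoft-Windows-Security-Auditing N/A Audit Failure MTYSYSLOG.cerrey.com.mx 13056 A privileged service was called.\n\n"
            + "Subject:\n"
            + " Security ID: S-1-5-19\n"
            + " Account Name: LOCAL SERVICE\n"
            + " Account Domain: NT AUTHORITY\n"
            + " Logon ID: 0x3E5\n\n"
            + "Service:\n"
            + " Server: Security\n"
            + " Service Name: -\n\n"
            + "Process:\n"
            + " Process ID: 0x1f1c\n"
            + " Process Name: C:\\Windows\\System32\\svchost.exe\n\n"
            + "Service Request Information:\n"
            + " Privileges: SeProfileSingleProcessPrivilege\n"
            + "2023-05-21 00:00:01,System4.Notice,MTYSPDB2.cerrey.com.mx,may 21 00:00:01 MTYSPDB2.cerrey.com.mx MSWinEventLog 5 Security 105034 dom may 21 00:00:00 2023 4672 Microsoft-Windows-Security-Auditing N/A Audit Success MTYSPDB2.cerrey.com.mx 12548 Special privileges assigned to new logon.\n\n"
            + "Subject:\n"
            + " Security ID: S-1-5-21-1430283757-1547701557-1542849698-18847\n"
            + " Account Name: SP_Farm\n"
            + " Account Domain: CERREY\n"
            + " Logon ID: 0x592C221\n\n"
            + "Privileges: SeSecurityPrivilege\n"
            + " SeBackupPrivilege\n"
            + " SeRestorePrivilege\n"
            + " SeTakeOwnershipPrivilege\n"
            + " SeDebugPrivilege\n"
            + " SeSystemEnvironmentPrivilege\n"
            + " SeLoadDriverPrivilege\n"
            + " SeImpersonatePrivilege\n"
            + " SeDelegateSessionUserImpersonatePrivilege\n"
            + "2023-05-21 00:00:01,System4.Notice,MTYSPDB2.cerrey.com.mx,\"may 21 00:00:01 MTYSPDB2.cerrey.com.mx MSWinEventLog 5 Security 105035 dom may 21 00:00:00 2023 4624 Microsoft-Windows-Security-Auditing N/A Audit Success MTYSPDB2.cerrey.com.mx 12544 An account was successfully logged on.\n\n"
            + "Subject:\n"
            + " Security ID: S-1-0-0\n"
            + " Account Name: -\n"
            + " Account Domain: -\n"
            + " Logon ID: 0x0\n\n"
            + "Logon Information:\n"
            + " Logon Type: 3\n"
            + " Restricted Admin Mode: -\n"
            + " Virtual Account: No\n"
            + " Elevated Token: Yes\n\n"
            + "Impersonation Level: Impersonation\n\n"
            + "New Logon:\n"
            + " Security ID: S-1-5-21-1430283757-1547701557-1542849698-18847\n"
            + " Account Name: SP_Farm\n"
            + " Account Domain: CERREY.COM.MX\n"
            + " Logon ID: 0x592C221\n"
            + " Linked Logon ID: 0x0\n"
            + " Network Account Name: -\n"
            + " Network Account Domain: -\n"
            + " Logon GUID: {fc043bcf-045d-fc8b-47dd-711370b096cf}\n\n"
            + "Process Information:\n"
            + " Process ID: 0x0\n"
            + " Process Name: -\n\n"
            + "Network Information:\n"
            + " Workstation Name: -\n"
            + " Source Network Address: -\n"
            + " Source Port: -\n\n"
            + "Detailed Authentication Information:\n"
            + " Logon Process: Kerberos\n"
            + " Authentication Package: Kerberos\n"
            + " Transited Services: -\n"
            + " Package Name (NTLM only): -\n"
            + " Key Length: 0\n\n"
            + "This event is generated when a logon session is created. It is generated on the computer that was accessed.\n\n"
            + "The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.\n\n"
            + "The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).\n\n"
            + "The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.\n\n"
            + "The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.\n\n"
            + "The impersonation level field indicates the extent to which a process in the logon session can impersonate.\n\n"
            + "The authentication information fields provide detailed information about this specific logon request.\n"
            + " - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.\n"
            + " - Transited services indicate which intermediate services have participated in this logon request.\n"
            + " - Package name indicates which sub-protocol was used among the NTLM protocols.\n"
            + " - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.\"";

        // MULTILINE only changes how ^ and $ behave; the pattern uses neither, so the flag
        // currently has no effect on matching.
        final Pattern pattern = Pattern.compile(regex, Pattern.MULTILINE);
        final Matcher matcher = pattern.matcher(sampleLog);

        while (matcher.find()) {
            System.out.println("Full match: " + matcher.group(0));
            // Groups 1-4 are FechayHora, LogLevel, Hostname and mensaje, in pattern order;
            // every other group in the pattern is non-capturing.
            for (int i = 1; i <= matcher.groupCount(); i++) {
                System.out.println("Group " + i + ": " + matcher.group(i));
            }
        }
    }
}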
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Java, please visit: https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html