import re
regex = re.compile(r"^<.{20}(?<hlt_env>.+?) esc-logs", flags=re.MULTILINE)
test_str = ("<13>Jan. 05 23:59:59 HLT-DM01 esc-logs[-]: {\"timestamp\":\"2021-01-05T23:59:59.889Z\",\"id\":\"98cf03ff-8dba-4b84-990c-4f026a2fa942\",\"tenant_name\":\"draco-910\",\"pks_uuid\":\"934ac265-9e3c-4a0d-8798-109b15876e4e\",\"hlt-cluster\":[\"api.prod-s-k8s.draco-910.sccloudres.net\",\"api.prod-m-k8s.draco-910.sccloudres.net\"],\"log_type\":\"AUDIT\",\"log_entry\":\"<14>1 2021-01-05T23:59:59.889967Z 682e85b4-e773-4ef7-9c8b-193034f2eca9.master.pks-934ac265-9e3c-4a0d-8798-109b15876e4e.service-instance-934ac265-9e3c-4a0d-8798-109b15876e4e.bosh kube-apiserver rs2 - [instance@47450 director=\\\"\\\" deployment=\\\"service-instance_934ac265-9e3c-4a0d-8798-109b15876e4e\\\" group=\\\"master\\\" az=\\\"WL-BEW-Prd-01\\\" id=\\\"682e85b4-e773-4ef7-9c8b-193034f2eca9\\\"] {\\\"kind\\\":\\\"Event\\\",\\\"apiVersion\\\":\\\"audit.k8s.io/v1\\\",\\\"level\\\":\\\"Request\\\",\\\"auditID\\\":\\\"b3b53fd5-4d9d-4626-90bb-ac0de8234585\\\",\\\"stage\\\":\\\"ResponseComplete\\\",\\\"requestURI\\\":\\\"/api/v1/nodes/321c1ee3-21ba-43e1-8c5f-4b73a30d111c/proxy/metrics\\\",\\\"verb\\\":\\\"get\\\",\\\"user\\\":{\\\"username\\\":\\\"system:serviceaccount:monitoring:prometheus-monitoring\\\",\\\"uid\\\":\\\"abb07484-47d5-462c-b460-682dd0c0768d\\\",\\\"groups\\\":[\\\"system:serviceaccounts\\\",\\\"system:serviceaccounts:monitoring\\\",\\\"system:authenticated\\\"]},\\\"sourceIPs\\\":[\\\"11.32.19.6\\\"],\\\"userAgent\\\":\\\"Prometheus/2.19.3\\\",\\\"objectRef\\\":{\\\"resource\\\":\\\"nodes\\\",\\\"name\\\":\\\"321c1ee3-21ba-43e1-8c5f-4b73a30d111c\\\",\\\"apiVersion\\\":\\\"v1\\\",\\\"subresource\\\":\\\"proxy\\\"},\\\"responseStatus\\\":{\\\"metadata\\\":{},\\\"code\\\":200},\\\"requestReceivedTimestamp\\\":\\\"2021-01-05T23:59:59.434872Z\\\",\\\"stageTimestamp\\\":\\\"2021-01-05T23:59:59.456258Z\\\",\\\"annotations\\\":{\\\"authorization.k8s.io/decision\\\":\\\"allow\\\",\\\"authorization.k8s.io/reason\\\":\\\"RBAC: allowed by ClusterRoleBinding \\\\\\\"prometheus-monitoring\\\\\\\" of ClusterRole \\\\\\\"prometheus-monitoring\\\\\\\" to ServiceAccount \\\\\\\"prometheus-monitoring/monitoring\\\\\\\"\\\"}}\",\"version\":\"1.0\",\"@version\":\"1\",\"cloud_service_name\":\"KUBERNETES\",\"@timestamp\":\"2021-01-05T23:59:59.889Z\"}\n")
matches = regex.finditer(test_str)
for match_num, match in enumerate(matches, start=1):
print(f"Match {match_num} was found at {match.start()}-{match.end()}: {match.group()}")
for group_num, group in enumerate(match.groups(), start=1):
print(f"Group {group_num} found at {match.start(group_num)}-{match.end(group_num)}: {group}")
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Python, please visit: https://docs.python.org/3/library/re.html