import re
regex = re.compile(r"(?P<pan_log_receive_time>\w{3}\s*\d+\s*\d+:\d+:\d+)\s+(?:[^,]*,){3}(?P<pan_log_type>THREAT),(?P<pan_log_subtype>[^,]*),(?:[^,]*,){2}(?P<pan_log_src>[^,]*),(?P<pan_log_dst>[^,]*),(?:[^,]*,){2}(?P<pan_threat_policy>[^,]*),(?P<pan_threat_srcuser>[^,]*),(?:[^,]*),(?P<pan_threat_app>[^,]*),(?P<pan_threat_vsys>[^,]*),(?P<pan_threat_srczone>[^,]*),(?P<pan_threat_dstzone>[^,]*),(?P<pan_threat_inbound_if>[^,]*),(?P<pan_threat_outbound_if>[^,]*),(?:[^,]*,){4}(?P<pan_log_sport>[^,]*),(?P<pan_log_dstport>[^,]*),(?:[^,]*,){3}(?P<proto>[^,]*),(?P<action>[^,]*),\"(?P<url>[^\"]*)\",\((?P<threat_id>\d+)\),(?P<cat>[^,]*),(?P<sev>[^,]*)", flags=re.MULTILINE)
test_str = "<14>Jul 4 18:56:24 - 1,2018/07/04 18:56:24,010401007075,THREAT,url,0,2018/07/04 18:56:24,212.252.96.87,88.255.40.30,212.252.96.87,172.16.0.153,mail.sayistay.gov.tr,,,ssl,vsys1,Untrust-Zone,DMZ-1-Zone,ethernet1/1,ethernet1/6,SAY-Log-Forwarding-Profile,2018/07/04 18:56:24,401373,1,34538,443,34538,443,0x40f000,tcp,alert,\"mail.sayistay.gov.tr/\",(9999),URL-Allow-List,informational,client-to-server,257394,0x8000000000000000,Turkey,Turkey,0,,0,,,0,,,,,,,,0,0,0,0,0,,INT-FW-2,,,,,0,,0,,N/A,unknown,AppThreat-0-0,0x0ESC[0m"
matches = regex.finditer(test_str)
for match_num, match in enumerate(matches, start=1):
print(f"Match {match_num} was found at {match.start()}-{match.end()}: {match.group()}")
for group_num, group in enumerate(match.groups(), start=1):
print(f"Group {group_num} found at {match.start(group_num)}-{match.end(group_num)}: {group}")
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Python, please visit: https://docs.python.org/3/library/re.html