Regular Expressions 101

Save & Share

  • Regex Version: ver. 42
  • Update Regex
    ctrl+⇧+s
  • Save new Regex
    ctrl+s
  • Add to Community Library

Flavor

  • PCRE2 (PHP >=7.3)
  • PCRE (PHP <7.3)
  • ECMAScript (JavaScript)
  • Python
  • Golang
  • Java 8
  • .NET 7.0 (C#)
  • Rust
  • Regex Flavor Guide

Function

  • Match
  • Substitution
  • List
  • Unit Tests (3)

Tools

Sponsors
There are currently no sponsors. Become a sponsor today!
An explanation of your regex will be automatically generated as you type.
Detailed match information will be displayed here automatically.
  • All Tokens
  • Common Tokens
  • General Tokens
  • Anchors
  • Meta Sequences
  • Quantifiers
  • Group Constructs
  • Character Classes
  • Flags/Modifiers
  • Substitution
  • A single character of: a, b or c
    [abc]
  • A character except: a, b or c
    [^abc]
  • A character in the range: a-z
    [a-z]
  • A character not in the range: a-z
    [^a-z]
  • A character in the range: a-z or A-Z
    [a-zA-Z]
  • Any single character
    .
  • Alternate - match either a or b
    a|b
  • Any whitespace character
    \s
  • Any non-whitespace character
    \S
  • Any digit
    \d
  • Any non-digit
    \D
  • Any word character
    \w
  • Any non-word character
    \W
  • Non-capturing group
    (?:...)
  • Capturing group
    (...)
  • Zero or one of a
    a?
  • Zero or more of a
    a*
  • One or more of a
    a+
  • Exactly 3 of a
    a{3}
  • 3 or more of a
    a{3,}
  • Between 3 and 6 of a
    a{3,6}
  • Start of string
    ^
  • End of string
    $
  • A word boundary
    \b
  • Non-word boundary
    \B

Regular Expression
No Match

/
/

Test String

Code Generator

Language

Generated Code

use strict; my $str = '2018-12-13T10:25:52.647Z imdgnparser01 CEF:0|MCAS|SIEM_Agent|0.138.173|EVENT_CATEGORY_AZURE_OPERATION|Azure operation|0|externalId=ffc53f2d8811bde87ee94bb86dc062442ec48df5303dd262e424ceeeecba8f91 rt=1544696752647 start=1544696752647 end=1544696752647 msg=ListAccountSas StorageAccounts: resource phastneprd02 - Started suser=11c174dc-1945-4a9a-a36b-c79a0f246b9b destinationServiceName=Microsoft Azure dvc=13.94.250.141 requestClientApplication= cs1Label=portalURL cs1=https://starsweb.eu2.portal.cloudappsecurity.com/#/audits?activity.id\\=eq(ffc53f2d8811bde87ee94bb86dc062442ec48df5303dd262e424ceeeecba8f91,) cs2Label=uniqueServiceAppIds cs2=APPID_AZURE cs3Label=targetObjects cs3=phastneprd02,Microsoft.Storage/storageAccounts,DWH_DataPlatform,,Operation status,Windows Azure Application Insights cs4Label=policyIDs cs4= c6a1Label="Device IPv6 Address" c6a1=#015'; my $regex = qr/(?<date>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{3}Z)\s+(?<src>\w+)\s+CEF:(?<version>\d+)\|(?<device_vendor>\w+)\|(?<device_product>\w+)\|(?<device_version>[\d.]*)\|(?<signature_id>[\w\d]*)/p; if ( $str =~ /$regex/ ) { print "Whole match is ${^MATCH} and its start/end positions can be obtained via \$-[0] and \$+[0]\n"; # print "Capture Group 1 is $1 and its start/end positions can be obtained via \$-[1] and \$+[1]\n"; # print "Capture Group 2 is $2 ... and so on\n"; } # ${^POSTMATCH} and ${^PREMATCH} are also available with the use of '/p' # Named capture groups can be called via $+{name}

Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Perl, please visit: http://perldoc.perl.org/perlre.html