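// Parses one Windows Security event 4616 ("The system time was changed") record
// from a comma-separated text export into named capture groups.
//
// Named groups use the JavaScript syntax `(?<name>...)`. The Python/PCRE form
// `(?P<name>...)` is rejected by JavaScript with a SyntaxError, so a pattern
// written that way never runs.
//
// Notes for anyone reusing this on real logs:
// - Without the `s` flag `.` does not match line terminators, so every `.*`
//   stays on a single line and the `\s+` between fields consumes the line break.
// - The pattern is unanchored and chains greedy `.*` with `\s+`. On long or
//   malformed input this can backtrack heavily; bound the input size (or split
//   into records first) before matching logs you do not control.
// - `event_message` keeps the opening `"` and `audit_message` keeps the closing
//   `"` of the quoted CSV field; strip them if the text is compared or indexed.
// - `log_date`/`log_time` carry no zone marker, while `previous_time`/`new_time`
//   are UTC ("Z"). Normalise before comparing them.
// - The record itself says routine changes by the Windows Time Service are
//   normal, so triage on `PI_name` and the subject account fields, not on the
//   event ID alone.
const regex = /Audit (?<audit_outcome>Success|Failure),(?<log_date>.*)\s+(?<log_time>.*),Microsoft-Windows-Security-Auditing,(?<event_id>\d+),(?<category>.*),(?<event_message>.*)\s+Subject:\s+Security ID:\s+(?<subject_security_id>.*)\s+Account Name:\s+(?<subject_account_name>.*)\s+Account Domain:\s+(?<subject_account_domain>.*)\s+Logon ID:\s+(?<subject_logon_id>.*)\s+Process Information:\s+Process ID:\s+(?<PI_process_id>.*)\s+Name:\s+(?<PI_name>.*)\s+Previous Time:\s+(?<previous_time>.*)\s+New Time:\s+(?<new_time>.*)\s+(?<audit_message>.*)/g;

// Alternative syntax using the RegExp constructor (backslashes doubled because
// the pattern is a string literal):
// const regex = new RegExp('Audit (?<audit_outcome>Success|Failure),(?<log_date>.*)\\s+(?<log_time>.*),Microsoft-Windows-Security-Auditing,(?<event_id>\\d+),(?<category>.*),(?<event_message>.*)\\s+Subject:\\s+Security ID:\\s+(?<subject_security_id>.*)\\s+Account Name:\\s+(?<subject_account_name>.*)\\s+Account Domain:\\s+(?<subject_account_domain>.*)\\s+Logon ID:\\s+(?<subject_logon_id>.*)\\s+Process Information:\\s+Process ID:\\s+(?<PI_process_id>.*)\\s+Name:\\s+(?<PI_name>.*)\\s+Previous Time:\\s+(?<previous_time>.*)\\s+New Time:\\s+(?<new_time>.*)\\s+(?<audit_message>.*)', 'g')

// Sample record. Inside a template literal `\\` is one backslash, so the
// process path is matched as C:\Windows\System32\svchost.exe.
const str = `Audit Success,29/08/2017 09:42:50,Microsoft-Windows-Security-Auditing,4616,Security State Change,"The system time was changed.
Subject:
Security ID: LOCAL SERVICE
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3E5
Process Information:
Process ID: 0x3e8
Name: C:\\Windows\\System32\\svchost.exe
Previous Time: 2017-08-29T01:42:49.858143700Z
New Time: 2017-08-29T01:42:49.520000000Z
This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer."`;

// A `g` regex keeps its position in `lastIndex` between calls. Reset it if the
// same regex object is shared with other code:
// regex.lastIndex = 0;

let m;

while ((m = regex.exec(str)) !== null) {
  // Guard against an endless loop on a zero-width match.
  if (m.index === regex.lastIndex) {
    regex.lastIndex++;
  }

  // Index 0 is the whole match; 1..n are the captures in pattern order.
  // The same values are available by name through `m.groups`.
  m.forEach((match, groupIndex) => {
    console.log(`Found match, group ${groupIndex}: ${match}`);
  });
}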
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for JavaScript, please visit: https://developer.mozilla.org/en/docs/Web/JavaScript/Guide/Regular_Expressions