// include the latest version of the regex crate in your Cargo.toml
extern crate regex;
use regex::Regex;
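/// Matches the first firewall syslog record in a sample string and prints the
/// matched text.
///
/// The pattern exposes the record's fields (date, time, interfaces, protocol,
/// source/destination address and port, NAT translation) as named capture
/// groups; this sample only prints the whole match.
fn main() {
    // The pattern is a compile-time constant, so a failure here is a programming
    // error rather than a runtime condition; `expect` states that invariant.
    //
    // NOTE(review): `\d{1,3}` accepts out-of-range octets such as 999 and the
    // IPv6 alternative `[a-f\d:]+` is lowercase-only. Log lines are untrusted
    // input, so parse captured addresses with `std::net::IpAddr` before relying
    // on them for alerting or blocking decisions.
    let regex = Regex::new(r"^.+>[\d]\s(?P<Date>\d{4}-\d{2}-\d{2})T(?P<Time>\d{2}:\d{2}:\d{2}).+firewall,info\s(?P<RadUser>\d+).+in:(?P<InputInterface>[^,]+)\s+out:(?P<OutputInterface>[^,]+),\s+(?:src-mac\s+(?P<SourceMacAddress>[^,]+),\s+)?proto\s+(?P<Protocol>\w+)(?:\s+\((?P<Flags>[^)]+)\))?,\s+\[?(?P<SrcIP>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|[a-f\d:]+)\]?(?::(?P<SrcPort>\d+))?->\[?(?P<DstIP>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|[a-f\d:]+)\]?(?::(?P<DstPort>\d+))?,\s(?P<NAT>\w+)\s\((?P<SrcIpLocalNat>\b(?:\d{1,3}\.){3}\d{1,3}\b):(?P<SrcPortLocalNat>\d+)->(?P<SrcIpPublicNat>\b(?:\d{1,3}\.){3}\d{1,3}\b):(?P<SrcPortPublicNat>\d+)\)->(?P<DestIpNat>\b(?:\d{1,3}\.){3}\d{1,3}\b):(?P<DestPortNat>\d+),.+")
        .expect("hard-coded pattern is valid");
    let string = "<13>1 2022-05-17T09:10:28.290795-03:00 firewall,info 1727618 - - - 1727618 customlog: in:VLAN99 out:ether2_WAN_Intercorp, src-mac 50:8e:49:7f:b1:68, proto TCP (ACK,FIN), 10.59.0.8:37438->142.251.129.163:443, NAT (10.59.0.8:37438->189.28.49.7:37438)->142.251.129.163:443, len 52
<13>1 2022-05-17T09:18:05.103720-03:00 firewall,info 620254 - - - 620254 customlog: in:VLAN99 out:ether2_WAN_Intercorp, src-mac d0:04:01:8a:ee:7f, proto UDP, 10.59.0.9:42331->172.217.173.110:443, NAT (10.59.0.9:42331->189.28.49.7:42331)->172.217.173.110:443, len 743
";
    // `captures` returns `Option<Captures>`; group 0 is the whole match and
    // carries the byte offsets of the first match in `string`.
    //
    // Without the `(?m)` flag `^` anchors only at the start of the haystack, so
    // only the first record can match. To parse every record, run the pattern
    // per line (for example over `string.lines()`).
    let whole = match regex.captures(string).and_then(|caps| caps.get(0)) {
        Some(m) => m,
        None => {
            // A record that does not fit the pattern is reported instead of
            // being dropped silently, so malformed or unexpected log lines
            // remain visible to whoever runs the parser.
            eprintln!("no firewall record matched the pattern");
            return;
        }
    };
    let (start, end) = (whole.start(), whole.end());
    println!("{}", &string[start..end]);
}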
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Rust, please visit: https://docs.rs/regex/latest/regex/