Regular Expressions 101

Save & Share

Regex Version: ver. 1
Fork Regex
ctrl+s
Go to community entry

Flavor

PCRE2 (PHP >=7.3)
PCRE (PHP <7.3)
ECMAScript (JavaScript)
Python
Golang
Java 8
.NET 7.0 (C#)
Rust
Regex Flavor Guide

Function

Match
Substitution
List
Unit Tests

Tools

Code Generator
Regex Debugger
Export Matches
Benchmark Regex

Regular Expression
No Match

Test String

Code Generator

Language

Generated Code

#include <StringConstants.au3> ; to declare the Constants of StringRegExp
#include <Array.au3> ; UDF needed for _ArrayDisplay and _ArrayConcatenate

Local $sRegex = "(?m)^.*?CEF:\d+\|(?<severity>.*?)\|(?<group>.*?)\|(?<process>\d+)\|-SiteId\s\((?<processid>\d+)\)\s(?<url>.*?)\s.[^\s]+\s(?<recipient>.*?)\|-RuleName\s(?<threatname>[^\|]+)\|-ActionTakenRequest(?<action>[^\|]+)\|EntryPage\s(?<subject>.*?)\s"
Local $sString = "may. 30 07:04:32 host CEF:0|Security Events|ThreatAlert|869000350019695021|-SiteId (227349) bancaenlinea.bicsa.com -VisitCountry Germany|-RuleName Bad Bots|-ActionTakenRequest blocked						|EntryPage bancaenlinea.bicsa.com/user/register//user/register/ -ClienteApp Chinese Vulnerability Scanner:1 -Ip 212.124.114.242-NumRequests 1 -AttemptedOn URL -AttackVectorInternalCode 200.0" & @CRLF & _
                "may. 26 21:41:22 host CEF:0|Security Events|ThreatAlert|1000000270132476675|-SiteId (226911) www.bicsa.com -VisitCountry United States|-RuleName Bad Bots|-ActionTakenRequest blocked						|EntryPage www.bicsa.com/robots.txt/robots.txt -ClienteApp LTX71:1 -Ip 35.226.23.240-NumRequests 1 -AttemptedOn URL -AttackVectorInternalCode 200.0" & @CRLF & _
                "may. 27 17:13:21 host CEF:0|Security Events|ThreatAlert|432001330089612747|-SiteId (226911) www.bicsa.com -VisitCountry China|-RuleName Bad Bots|-ActionTakenRequest blocked						|EntryPage www.bicsa.com/es/es -ClienteApp YisouSpider:1 -Ip 106.11.153.199-NumRequests 1 -AttemptedOn URL -AttackVectorInternalCode 200.0" & @CRLF & _
                "may. 27 17:13:22 host CEF:0|Security Events|ThreatAlert|432001330089614196|-SiteId (226911) www.bicsa.com -VisitCountry China|-RuleName Bad Bots|-ActionTakenRequest blocked						|EntryPage www.bicsa.com/robots.txt/robots.txt -ClienteApp YisouSpider:1 -Ip 106.11.155.219-NumRequests 2 -AttemptedOn URL -AttackVectorInternalCode 200.0" & @CRLF & _
                "may. 27 17:13:22 host CEF:0|Security Events|ThreatAlert|432001330089614196|-SiteId (226911) www.bicsa.com -VisitCountry China -VisitCountry China|-RuleName Bad Bots|-ActionTakenRequest blocked						|EntryPage www.bicsa.com/robots.txt/robots.txt -ClienteApp YisouSpider:1 -Ip 106.11.155.219-NumRequests 2/robots.txt -ClienteApp YisouSpider:1 -Ip 106.11.155.219-NumRequests 2 -AttemptedOn URL -AttackVectorInternalCode 200.0" & @CRLF & _
                "may. 31 06:29:22 host CEF:0|Security Events|ThreatAlert|156000740014728873|-SiteId (226911) www.bicsa.com -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States|-RuleName DDoS|-ActionTakenRequest suspended						|EntryPage www.bicsa.com/www.bicsa.com/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1www.bicsa.com/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/robots.txt -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/pub/nuevo-formato-de-cheques/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/cuentas-corrientes/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/contacto/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/cobranzas/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/corporativa/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/finanzas-estructuradas/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/personal/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/ordenes-de-pago/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/ordenes-de-pago-2/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/certificado/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/e-banking/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/acerca-de-bicsa/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/infopersonal/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/bicsacapital/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/phishing/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/mapa-del-sitio/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/reportefraude/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/en/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/seguridad-y-privacidad/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/servicios/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1" & @CRLF & _
                ""

Local $aArray = StringRegExp($sString, $sRegex, $STR_REGEXPARRAYGLOBALFULLMATCH)
Local $aFullArray[0]
For $i = 0 To UBound($aArray) -1
    _ArrayConcatenate($aFullArray, $aArray[$i])
Next
$aArray = $aFullArray

; Present the entire match result
_ArrayDisplay($aArray, "Result")

Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for AutoIt, please visit: https://www.autoitscript.com/autoit3/docs/functions/StringRegExp.htm

Regular Expressions 101

Save & Share

Flavor

Function

Tools

Explanation

Match Information

Quick Reference

Regular Expression
No Match

Test String

Code Generator

Language

Generated Code

Save & Share

Flavor

Function

Tools

Explanation

Match Information

Quick Reference

Regular ExpressionNo Match

Test String

Regular Expression
No Match