const regex = /^.*?CEF:\d+\|(?<severity>.*?)\|(?<group>.*?)\|(?<process>\d+)\|-SiteId\s\((?<processid>\d+)\)\s(?<url>.*?)\s.[^\s]+\s(?<recipient>.*?)\|-RuleName\s(?<threatname>[^\|]+)\|-ActionTakenRequest(?<action>[^\|]+)\|EntryPage\s(?<subject>.*?)\s/gm;
// Alternative syntax using RegExp constructor
// const regex = new RegExp('^.*?CEF:\\d+\\|(?<severity>.*?)\\|(?<group>.*?)\\|(?<process>\\d+)\\|-SiteId\\s\\((?<processid>\\d+)\\)\\s(?<url>.*?)\\s.[^\\s]+\\s(?<recipient>.*?)\\|-RuleName\\s(?<threatname>[^\\|]+)\\|-ActionTakenRequest(?<action>[^\\|]+)\\|EntryPage\\s(?<subject>.*?)\\s', 'gm')
const str = `may. 30 07:04:32 host CEF:0|Security Events|ThreatAlert|869000350019695021|-SiteId (227349) bancaenlinea.bicsa.com -VisitCountry Germany|-RuleName Bad Bots|-ActionTakenRequest blocked |EntryPage bancaenlinea.bicsa.com/user/register//user/register/ -ClienteApp Chinese Vulnerability Scanner:1 -Ip 212.124.114.242-NumRequests 1 -AttemptedOn URL -AttackVectorInternalCode 200.0
may. 26 21:41:22 host CEF:0|Security Events|ThreatAlert|1000000270132476675|-SiteId (226911) www.bicsa.com -VisitCountry United States|-RuleName Bad Bots|-ActionTakenRequest blocked |EntryPage www.bicsa.com/robots.txt/robots.txt -ClienteApp LTX71:1 -Ip 35.226.23.240-NumRequests 1 -AttemptedOn URL -AttackVectorInternalCode 200.0
may. 27 17:13:21 host CEF:0|Security Events|ThreatAlert|432001330089612747|-SiteId (226911) www.bicsa.com -VisitCountry China|-RuleName Bad Bots|-ActionTakenRequest blocked |EntryPage www.bicsa.com/es/es -ClienteApp YisouSpider:1 -Ip 106.11.153.199-NumRequests 1 -AttemptedOn URL -AttackVectorInternalCode 200.0
may. 27 17:13:22 host CEF:0|Security Events|ThreatAlert|432001330089614196|-SiteId (226911) www.bicsa.com -VisitCountry China|-RuleName Bad Bots|-ActionTakenRequest blocked |EntryPage www.bicsa.com/robots.txt/robots.txt -ClienteApp YisouSpider:1 -Ip 106.11.155.219-NumRequests 2 -AttemptedOn URL -AttackVectorInternalCode 200.0
may. 27 17:13:22 host CEF:0|Security Events|ThreatAlert|432001330089614196|-SiteId (226911) www.bicsa.com -VisitCountry China -VisitCountry China|-RuleName Bad Bots|-ActionTakenRequest blocked |EntryPage www.bicsa.com/robots.txt/robots.txt -ClienteApp YisouSpider:1 -Ip 106.11.155.219-NumRequests 2/robots.txt -ClienteApp YisouSpider:1 -Ip 106.11.155.219-NumRequests 2 -AttemptedOn URL -AttackVectorInternalCode 200.0
may. 31 06:29:22 host CEF:0|Security Events|ThreatAlert|156000740014728873|-SiteId (226911) www.bicsa.com -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States -VisitCountry United States|-RuleName DDoS|-ActionTakenRequest suspended |EntryPage www.bicsa.com/www.bicsa.com/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1www.bicsa.com/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/robots.txt -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/pub/nuevo-formato-de-cheques/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/cuentas-corrientes/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/contacto/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/cobranzas/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/corporativa/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/finanzas-estructuradas/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/personal/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/ordenes-de-pago/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/ordenes-de-pago-2/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/certificado/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/e-banking/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/acerca-de-bicsa/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/infopersonal/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/bicsacapital/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/phishing/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/mapa-del-sitio/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/reportefraude/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/en/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/seguridad-y-privacidad/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1/servicios/ -ClienteApp Bot:1 -Ip 138.197.77.70-NumRequests 1
`;
// Reset `lastIndex` if this regex is defined globally
// regex.lastIndex = 0;
let m;
while ((m = regex.exec(str)) !== null) {
// This is necessary to avoid infinite loops with zero-width matches
if (m.index === regex.lastIndex) {
regex.lastIndex++;
}
// The result can be accessed through the `m`-variable.
m.forEach((match, groupIndex) => {
console.log(`Found match, group ${groupIndex}: ${match}`);
});
}
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for JavaScript, please visit: https://developer.mozilla.org/en/docs/Web/JavaScript/Guide/Regular_Expressions