Regular Expressions 101

Save & Share

Flavor

  • PCRE2 (PHP >=7.3)
  • PCRE (PHP <7.3)
  • ECMAScript (JavaScript)
  • Python
  • Golang
  • Java 8
  • .NET 7.0 (C#)
  • Rust
  • Regex Flavor Guide

Function

  • Match
  • Substitution
  • List
  • Unit Tests

Tools

Sponsors
There are currently no sponsors. Become a sponsor today!
An explanation of your regex will be automatically generated as you type.
Detailed match information will be displayed here automatically.
  • All Tokens
  • Common Tokens
  • General Tokens
  • Anchors
  • Meta Sequences
  • Quantifiers
  • Group Constructs
  • Character Classes
  • Flags/Modifiers
  • Substitution
  • A single character of: a, b or c
    [abc]
  • A character except: a, b or c
    [^abc]
  • A character in the range: a-z
    [a-z]
  • A character not in the range: a-z
    [^a-z]
  • A character in the range: a-z or A-Z
    [a-zA-Z]
  • Any single character
    .
  • Alternate - match either a or b
    a|b
  • Any whitespace character
    \s
  • Any non-whitespace character
    \S
  • Any digit
    \d
  • Any non-digit
    \D
  • Any word character
    \w
  • Any non-word character
    \W
  • Non-capturing group
    (?:...)
  • Capturing group
    (...)
  • Zero or one of a
    a?
  • Zero or more of a
    a*
  • One or more of a
    a+
  • Exactly 3 of a
    a{3}
  • 3 or more of a
    a{3,}
  • Between 3 and 6 of a
    a{3,6}
  • Start of string
    ^
  • End of string
    $
  • A word boundary
    \b
  • Non-word boundary
    \B

Regular Expression
No Match

/
/
gm

Test String

Code Generator

Language

Generated Code

using System; using System.Text.RegularExpressions; public class Example { public static void Main() { string pattern = @"(.*?<SYSD:INFO>.*?severity=""info"".*?(sys=(""SecureWeb""|""SecureNet"").*?(action=""pass""|fwrule=""60001"")).*|.*?<LOC\d:NOTE>.*)"; string input = @"09 04 2019 10:46:13 10.69.137.81 <SYSD:INFO> 2019:09:04-10:46:13 wf-tg-utm-2 httpproxy[26178]: id=""0001"" severity=""info"" sys=""SecureWeb"" sub=""http"" name=""http access"" action=""pass"" method=""GET"" srcip=""192.168.128.67"" dstip=""104.31.8.169"" user="" group="" ad_domain="" statuscode=""403"" cached=""0"" profile=""REF_HttProContaInterNetwo10 (Wireless Hotspot)"" filteraction=""REF_HttCffDefauAllowGuest (Default Allow (Guest))"" size=""3057"" request=""0xd50f0e00"" url=""http://exmaple.com/"" referer="" error="" authtime=""0"" dnstime=""92"" aptptime=""88"" cattime=""92"" avscantime=""4513"" fullreqtime=""18114"" device=""0"" auth=""0"" ua="" exceptions=""ssl,certcheck,certdate,application,patience"" category=""177"" reputation=""neutral"" categoryname=""Content Server"" sandbox=""-"" content-type=""text/html"" 09 04 2019 10:38:33 10.69.137.81 <LOC6:NOTE> 2019:09:04-10:38:33 wf-tg-utm-2 httpd: 192.168.129.115 - - [04/Sep/2019:10:38:33 +0100] ""GET /bag?v=1 HTTP/1.1"" 302 - 09 05 2019 13:44:24 10.69.137.81 <SYSD:INFO> 2019:09:05-13:44:24 wf-tg-utm-2 httpproxy[26178]: id=""0001"" severity=""info"" sys=""SecureWeb"" sub=""http"" name=""http access"" action=""pass"" method=""GET"" srcip=""10.69.202.41"" dstip=""185.187.118.2"" user=""Da088518"" group=""AD Proxy Users (WBS)"" ad_domain=""CYMRU"" statuscode=""200"" cached=""0"" profile=""REF_HttProContaInterNetwo4 (Clients (DHCP/Static))"" filteraction=""REF_HttCffDefauAllow (Default Allow)"" size=""42"" request=""0xdab72a00"" url=""http://lgen.idgconnect.com/t/1hxnDKGABJ.png"" referer="" error="" authtime=""679"" dnstime=""3236"" aptptime=""86"" cattime=""20119"" avscantime=""975"" fullreqtime=""276035"" device=""0"" auth=""2"" ua=""Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; Tablet PC 2.0; wbx 1.0.0; Microsoft Outlook 16.0.4873; Microsoft Outlook 16.0.4873; ms-office; MSOffice "" exceptions="" category=""105"" reputation=""neutral"" categoryname=""Business"" sandbox=""-"" content-type=""image/gif"" 09 05 2019 13:44:24 10.69.137.81 <SYSD:INFO> 2019:09:05-13:44:24 wf-tg-utm-2 httpproxy[26178]: id=""0001"" severity=""info"" sys=""SecureWeb"" sub=""http"" name=""http access"" action=""pass"" method=""CONNECT"" srcip=""10.69.202.41"" dstip=""104.24.31.38"" user=""Da088518"" group=""AD Proxy Users (WBS)"" ad_domain=""CYMRU"" statuscode=""200"" cached=""0"" profile=""REF_HttProContaInterNetwo4 (Clients (DHCP/Static))"" filteraction=""REF_HttCffDefauAllow (Default Allow)"" size=""134746"" request=""0xd55f1800"" url=""https://image.chitra.live/"" referer="" error="" authtime=""404"" dnstime=""1204"" aptptime=""98"" cattime=""20482"" avscantime=""0"" fullreqtime=""2888600"" device=""0"" auth=""2"" ua=""Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; Tablet PC 2.0; wbx 1.0.0; Microsoft Outlook 16.0.4873; Microsoft Outlook 16.0.4873)"" exceptions="" category=""177"" reputation=""neutral"" categoryname=""Content Server"" 09 05 2019 13:44:24 10.69.137.81 <SYSD:INFO> 2019:09:05-13:44:23 wf-tg-utm-2 ulogd[10129]: id=""2001"" severity=""info"" sys=""SecureNet"" sub=""packetfilter"" name=""Packet dropped"" action=""drop"" fwrule=""60001"" initf=""eth7"" srcmac=""44:e4:d9:8f:dd:c2"" dstmac=""00:1a:8c:f0:ca:67"" srcip=""40.100.174.18"" dstip=""159.86.176.10"" proto=""6"" length=""40"" tos=""0x00"" prec=""0x00"" ttl=""240"" srcport=""993"" dstport=""54752"" tcpflags=""RST"" "; RegexOptions options = RegexOptions.Multiline; foreach (Match m in Regex.Matches(input, pattern, options)) { Console.WriteLine("'{0}' found at index {1}.", m.Value, m.Index); } } }

Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for C#, please visit: https://msdn.microsoft.com/en-us/library/system.text.regularexpressions.regex(v=vs.110).aspx