Regular Expressions 101

Save & Share

Flavor

  • PCRE2 (PHP >=7.3)
  • PCRE (PHP <7.3)
  • ECMAScript (JavaScript)
  • Python
  • Golang
  • Java 8
  • .NET 7.0 (C#)
  • Rust
  • Regex Flavor Guide

Function

  • Match
  • Substitution
  • List
  • Unit Tests

Tools

Sponsors
There are currently no sponsors. Become a sponsor today!
An explanation of your regex will be automatically generated as you type.
Detailed match information will be displayed here automatically.
  • All Tokens
  • Common Tokens
  • General Tokens
  • Anchors
  • Meta Sequences
  • Quantifiers
  • Group Constructs
  • Character Classes
  • Flags/Modifiers
  • Substitution
  • A single character of: a, b or c
    [abc]
  • A character except: a, b or c
    [^abc]
  • A character in the range: a-z
    [a-z]
  • A character not in the range: a-z
    [^a-z]
  • A character in the range: a-z or A-Z
    [a-zA-Z]
  • Any single character
    .
  • Alternate - match either a or b
    a|b
  • Any whitespace character
    \s
  • Any non-whitespace character
    \S
  • Any digit
    \d
  • Any non-digit
    \D
  • Any word character
    \w
  • Any non-word character
    \W
  • Non-capturing group
    (?:...)
  • Capturing group
    (...)
  • Zero or one of a
    a?
  • Zero or more of a
    a*
  • One or more of a
    a+
  • Exactly 3 of a
    a{3}
  • 3 or more of a
    a{3,}
  • Between 3 and 6 of a
    a{3,6}
  • Start of string
    ^
  • End of string
    $
  • A word boundary
    \b
  • Non-word boundary
    \B

Regular Expression
No Match

/
/
gm

Test String

Code Generator

Language

Generated Code

$re = '/(.*?<SYSD:INFO>.*?severity="info".*?(sys=("SecureWeb"|"SecureNet").*?(action="pass"|fwrule="60001")).*|.*?<LOC\d:NOTE>.*)/m'; $str = '09 04 2019 10:46:13 10.69.137.81 <SYSD:INFO> 2019:09:04-10:46:13 wf-tg-utm-2 httpproxy[26178]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.128.67" dstip="104.31.8.169" user="" group="" ad_domain="" statuscode="403" cached="0" profile="REF_HttProContaInterNetwo10 (Wireless Hotspot)" filteraction="REF_HttCffDefauAllowGuest (Default Allow (Guest))" size="3057" request="0xd50f0e00" url="http://exmaple.com/" referer="" error="" authtime="0" dnstime="92" aptptime="88" cattime="92" avscantime="4513" fullreqtime="18114" device="0" auth="0" ua="" exceptions="ssl,certcheck,certdate,application,patience" category="177" reputation="neutral" categoryname="Content Server" sandbox="-" content-type="text/html" 09 04 2019 10:38:33 10.69.137.81 <LOC6:NOTE> 2019:09:04-10:38:33 wf-tg-utm-2 httpd: 192.168.129.115 - - [04/Sep/2019:10:38:33 +0100] "GET /bag?v=1 HTTP/1.1" 302 - 09 05 2019 13:44:24 10.69.137.81 <SYSD:INFO> 2019:09:05-13:44:24 wf-tg-utm-2 httpproxy[26178]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="10.69.202.41" dstip="185.187.118.2" user="Da088518" group="AD Proxy Users (WBS)" ad_domain="CYMRU" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo4 (Clients (DHCP/Static))" filteraction="REF_HttCffDefauAllow (Default Allow)" size="42" request="0xdab72a00" url="http://lgen.idgconnect.com/t/1hxnDKGABJ.png" referer="" error="" authtime="679" dnstime="3236" aptptime="86" cattime="20119" avscantime="975" fullreqtime="276035" device="0" auth="2" ua="Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; Tablet PC 2.0; wbx 1.0.0; Microsoft Outlook 16.0.4873; Microsoft Outlook 16.0.4873; ms-office; MSOffice " exceptions="" category="105" reputation="neutral" categoryname="Business" sandbox="-" content-type="image/gif" 09 05 2019 13:44:24 10.69.137.81 <SYSD:INFO> 2019:09:05-13:44:24 wf-tg-utm-2 httpproxy[26178]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.69.202.41" dstip="104.24.31.38" user="Da088518" group="AD Proxy Users (WBS)" ad_domain="CYMRU" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo4 (Clients (DHCP/Static))" filteraction="REF_HttCffDefauAllow (Default Allow)" size="134746" request="0xd55f1800" url="https://image.chitra.live/" referer="" error="" authtime="404" dnstime="1204" aptptime="98" cattime="20482" avscantime="0" fullreqtime="2888600" device="0" auth="2" ua="Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; Tablet PC 2.0; wbx 1.0.0; Microsoft Outlook 16.0.4873; Microsoft Outlook 16.0.4873)" exceptions="" category="177" reputation="neutral" categoryname="Content Server" 09 05 2019 13:44:24 10.69.137.81 <SYSD:INFO> 2019:09:05-13:44:23 wf-tg-utm-2 ulogd[10129]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth7" srcmac="44:e4:d9:8f:dd:c2" dstmac="00:1a:8c:f0:ca:67" srcip="40.100.174.18" dstip="159.86.176.10" proto="6" length="40" tos="0x00" prec="0x00" ttl="240" srcport="993" dstport="54752" tcpflags="RST" '; preg_match_all($re, $str, $matches, PREG_SET_ORDER, 0); // Print the entire match result var_dump($matches);

Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for PHP, please visit: http://php.net/manual/en/ref.pcre.php