^ asserts position at start of a lineLines are delimited by \n
<142> matches the characters <142> literally (case sensitive)
Named Capture Group date (?P<date>\w+\s+\d+)
\w+
matches any word character (equal to [a-zA-Z0-9_])+ Quantifier — Matches between one and unlimited times, as many times as possible, giving back as needed (greedy)
\s+
matches any whitespace character (equal to [\r\n\t\f\v ])+ Quantifier — Matches between one and unlimited times, as many times as possible, giving back as needed (greedy)
\d+
matches a digit (equal to [0-9])+ Quantifier — Matches between one and unlimited times, as many times as possible, giving back as needed (greedy)
\s+
matches any whitespace character (equal to [\r\n\t\f\v ])+ Quantifier — Matches between one and unlimited times, as many times as possible, giving back as needed (greedy)
Named Capture Group time (?P<time>[^ ]+)
Match a single character not present in the list below [^ ]+
+ Quantifier — Matches between one and unlimited times, as many times as possible, giving back as needed (greedy)
matches the character literally (case sensitive)
\s+
matches any whitespace character (equal to [\r\n\t\f\v ])+ Quantifier — Matches between one and unlimited times, as many times as possible, giving back as needed (greedy)
Named Capture Group server (?P<server>\w+)
\w+
matches any word character (equal to [a-zA-Z0-9_])+ Quantifier — Matches between one and unlimited times, as many times as possible, giving back as needed (greedy)
\s+
matches any whitespace character (equal to [\r\n\t\f\v ])+ Quantifier — Matches between one and unlimited times, as many times as possible, giving back as needed (greedy)
Named Capture Group process_name (?P<process_name>[a-z]+)
Match a single character present in the list below [a-z]+
\[ matches the character [ literally (case sensitive)
Named Capture Group process_number (?P<process_number>\d+)
Match a single character not present in the list below [^ \n]*
matches the character literally (case sensitive)
Named Capture Group process_id (?P<process_id>[^\|]+)
\| matches the character | literally (case sensitive)
Named Capture Group message_id (?P<message_id>[^\|]+)
\| matches the character | literally (case sensitive)
Named Capture Group action (?P<action>IRCPTACTION|VERDICT|UNTESTED|FIRED|SENDER|LOGICAL_IP|EHLO|MSG_SIZE|MSGID|SOURCE|SUBJECT|ORCPTS|TRACKERID|ATTACH|UNSCANNABLE|VIRUS|DELIVER|ACCEPT)
Non-capturing group (?:(?:(?<=ACCEPT|DELIVER|LOGICAL_IP)\|(?P<src>[^:\s]+)(?::(?P<port>[0-9]+))?(?:\|(?P<to>[^\s]+))?)|(?:(?<=FIRED|IRCPTACTION|ORCPTS|TRACKERID|UNTESTED|VERDICT)\|(?P<recipient>[^\s\|]+)(?:\|)?(?P<result>[a-z][^\|\s]+)?(?:\|(?P<result_2>[a-z][^\|]+))?(?:\|(?P<result_3>.+))?)|(?:(?<=SENDER)\|(?P<from>[^\s]+))|(?:(?<=MSG_SIZE)\|(?P<msg_size>\w+))|(?:(?<=SUBJECT)\|(?P<subject>.*))|(?:(?<=ATTACH)\|(?P<attachment>.+))|(?:(?<=UNSCANNABLE)\|(?P<reason>.+))|(?:(?<=VIRUS)\|(?P<virus_name>.+))|(?:(?<=EHLO)\|(?P<fqdn>.+)))?
g modifier: global. All matches (don't return after first match)
m modifier: multi line. Causes ^ and $ to match the begin/end of each line (not only begin/end of string)