import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class Example {
public static void main(String[] args) {
final String regex = "\"type\":\"(?P<threat_purpose>[^:]+):(?P<threat_resource_affected>[^\\/]+)\\/(?P<threat_name>[^!]+)\\!(?P<threat_artifact>[^\"]*?)";
final String string = "{\"detail-type\":\"GuardDuty Finding\",\"resources\":[],\"source\":\"aws.guardduty\",\"id\":\"xxxxx-xx\",\"detail\":{\"schemaVersion\":\"2.0\",\"accountId\":\"1234567890\",\"region\":\"us-west-2\",\"partition\":\"aws\",\"id\":\"xxxxxxxx\",\"arn\":\"arn:aws:guardduty:us-west-2:1234567890:detector/XXXXXXX/finding/xxxxxxx\",\"type\":\"Trojan:EC2/PhishingDomainRequest!DNS\",\"resource\":{\"resourceType\":\"Instance\",\"instanceDetails\":{\"instanceId\":\"i-99999999\",\"instanceType\":\"m3.xlarge\",\"launchTime\":\"2016-08-02T02:05:06Z\",\"productCodes\":[{\"productCodeId\":\"GeneratedFindingProductCodeId\",\"productCodeType\":\"GeneratedFindingProductCodeType\"}],\"iamInstanceProfile\":{\"arn\":\"GeneratedFindingInstanceProfileArn\",\"id\":\"GeneratedFindingInstanceProfileId\"},\"networkInterfaces\":[{\"ipv6Addresses\":[],\"privateDnsName\":\"GeneratedFindingPrivateDnsName\",\"privateIpAddress\":\"127.0.0.1\",\"privateIpAddresses\":[{\"privateDnsName\":\"GeneratedFindingPrivateName\",\"privateIpAddress\":\"127.0.0.1\"}],\"subnetId\":\"GeneratedFindingSubnetId\",\"vpcId\":\"ein-ffdd1234\",\"securityGroups\":[{\"groupName\":\"SecurityGroup01\",\"groupId\":\"GeneratedFindingSecurityId\"}],\"publicDnsName\":\"bbb.com\",\"publicIp\":\"127.0.0.1\"}],\"tags\":[{\"key\":\"GeneratedFindingInstaceTag1\",\"value\":\"GeneratedFindingInstaceValue1\"},{\"key\":\"ami-99999999\",\"imageDescription\":\"GeneratedFindingInstaceImageDescription\"}],\"service\":{\"serviceName\":\"guardduty\",\"detectorId\":\"xxxxxx\",\"action\":{\"actionType\":\"DNS_REQUEST\",\"dnsRequestAction\":{\"domain\":\"GeneratedFindingDomainName\",\"protocol\":\"UDP\",\"blocked\":true}},\"resourceRole\":\"TARGET\",\"additionalInfo\":{\"threatListName\":\"GeneratedFindingThreatListName\",\"sample\":true},\"eventFirstSeen\":\"2020-06-02T20:22:26.350Z\",\"eventLastSeen\":\"2020-06-03T20:22:26.350Z\",\"archived\":false,\"count\":1},\"severity\":8,\"createdAt\":\"2020-06-02T20:22:26.350Z\",\"updatedAt\":\"2020-06-03T20:22:26.350Z\",\"title\":\"Trojan:EC2/PhishingDomainRequest!DNS\",\"description\":\"Trojan:EC2/PhishingDomainRequest!DNS\"}}},\"time\":\"2018-02-28T20:25:00Z\",\"region\":\"us-west-2\",\"version\":\"0\",\"account\":\"1234567890\"}";
final Pattern pattern = Pattern.compile(regex, Pattern.MULTILINE);
final Matcher matcher = pattern.matcher(string);
while (matcher.find()) {
System.out.println("Full match: " + matcher.group(0));
for (int i = 1; i <= matcher.groupCount(); i++) {
System.out.println("Group " + i + ": " + matcher.group(i));
}
}
}
}
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Java, please visit: https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html