// include the latest version of the regex crate in your Cargo.toml
extern crate regex;
use regex::Regex;
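/// Extracts the components of a GuardDuty finding type from a sample event and prints them.
///
/// The finding type has the shape `Purpose:Resource/Name!Artifact`, for example
/// `Trojan:EC2/PhishingDomainRequest!DNS`. The `!Artifact` suffix is treated as optional.
///
/// # Panics
///
/// Panics if the hard-coded pattern fails to compile, which would be a programming error.
fn main() {
    // Every character class also excludes `"` and the pattern ends on the closing quote, so a
    // capture can never run past the end of the JSON string value into neighbouring fields.
    // The original trailing `[^"]*?` was lazy with nothing after it, so `threat_artifact`
    // always came back empty; it is now greedy and bounded by the closing quote.
    // `/` and `!` are plain literals in this regex syntax and need no backslash.
    let regex = Regex::new(r#"(?m)"type":"(?P<threat_purpose>[^:"]+):(?P<threat_resource_affected>[^/"]+)/(?P<threat_name>[^!"]+)(?:!(?P<threat_artifact>[^"]*))?""#)
        .expect("finding-type pattern is a constant and must compile");

    // Sample GuardDuty finding event. A line break that had split the `updatedAt` timestamp has
    // been removed so the value is a single well-formed string again.
    // NOTE(review): matching on the raw JSON text picks up a `"type"` key at any nesting level.
    // In a real detection pipeline, deserialize the event and apply the pattern to the
    // `detail.type` value only.
    let string = "{\"detail-type\":\"GuardDuty Finding\",\"resources\":[],\"source\":\"aws.guardduty\",\"id\":\"xxxxx-xx\",\"detail\":{\"schemaVersion\":\"2.0\",\"accountId\":\"1234567890\",\"region\":\"us-west-2\",\"partition\":\"aws\",\"id\":\"xxxxxxxx\",\"arn\":\"arn:aws:guardduty:us-west-2:1234567890:detector/XXXXXXX/finding/xxxxxxx\",\"type\":\"Trojan:EC2/PhishingDomainRequest!DNS\",\"resource\":{\"resourceType\":\"Instance\",\"instanceDetails\":{\"instanceId\":\"i-99999999\",\"instanceType\":\"m3.xlarge\",\"launchTime\":\"2016-08-02T02:05:06Z\",\"productCodes\":[{\"productCodeId\":\"GeneratedFindingProductCodeId\",\"productCodeType\":\"GeneratedFindingProductCodeType\"}],\"iamInstanceProfile\":{\"arn\":\"GeneratedFindingInstanceProfileArn\",\"id\":\"GeneratedFindingInstanceProfileId\"},\"networkInterfaces\":[{\"ipv6Addresses\":[],\"privateDnsName\":\"GeneratedFindingPrivateDnsName\",\"privateIpAddress\":\"127.0.0.1\",\"privateIpAddresses\":[{\"privateDnsName\":\"GeneratedFindingPrivateName\",\"privateIpAddress\":\"127.0.0.1\"}],\"subnetId\":\"GeneratedFindingSubnetId\",\"vpcId\":\"ein-ffdd1234\",\"securityGroups\":[{\"groupName\":\"SecurityGroup01\",\"groupId\":\"GeneratedFindingSecurityId\"}],\"publicDnsName\":\"bbb.com\",\"publicIp\":\"127.0.0.1\"}],\"tags\":[{\"key\":\"GeneratedFindingInstaceTag1\",\"value\":\"GeneratedFindingInstaceValue1\"},{\"key\":\"ami-99999999\",\"imageDescription\":\"GeneratedFindingInstaceImageDescription\"}],\"service\":{\"serviceName\":\"guardduty\",\"detectorId\":\"xxxxxx\",\"action\":{\"actionType\":\"DNS_REQUEST\",\"dnsRequestAction\":{\"domain\":\"GeneratedFindingDomainName\",\"protocol\":\"UDP\",\"blocked\":true}},\"resourceRole\":\"TARGET\",\"additionalInfo\":{\"threatListName\":\"GeneratedFindingThreatListName\",\"sample\":true},\"eventFirstSeen\":\"2020-06-02T20:22:26.350Z\",\"eventLastSeen\":\"2020-06-03T20:22:26.350Z\",\"archived\":false,\"count\":1},\"severity\":8,\"createdAt\":\"2020-06-02T20:22:26.350Z\",\"updatedAt\":\"2020-06-03T20:22:26.350Z\",\"title\":\"Trojan:EC2/PhishingDomainRequest!DNS\",\"description\":\"Trojan:EC2/PhishingDomainRequest!DNS\"}}},\"time\":\"2018-02-28T20:25:00Z\",\"region\":\"us-west-2\",\"version\":\"0\",\"account\":\"1234567890\"}";

    // `captures_iter` yields one `Captures` per non-overlapping match; each one exposes the
    // named groups, not bare start/end index tuples.
    for caps in regex.captures_iter(string) {
        println!("{:?}", caps);

        // The artifact group is optional, so it is absent when the finding type has no `!` part.
        let artifact = caps.name("threat_artifact").map_or("", |m| m.as_str());
        println!(
            "purpose={} resource={} name={} artifact={}",
            &caps["threat_purpose"],
            &caps["threat_resource_affected"],
            &caps["threat_name"],
            artifact
        );
    }
}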
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Rust, please visit: https://docs.rs/regex/latest/regex/