Regular Expressions 101

Save & Share

Flavor

  • PCRE2 (PHP >=7.3)
  • PCRE (PHP <7.3)
  • ECMAScript (JavaScript)
  • Python
  • Golang
  • Java 8
  • .NET 7.0 (C#)
  • Rust
  • Regex Flavor Guide

Function

  • Match
  • Substitution
  • List
  • Unit Tests

Tools

Sponsors
There are currently no sponsors. Become a sponsor today!
An explanation of your regex will be automatically generated as you type.
Detailed match information will be displayed here automatically.
  • All Tokens
  • Common Tokens
  • General Tokens
  • Anchors
  • Meta Sequences
  • Quantifiers
  • Group Constructs
  • Character Classes
  • Flags/Modifiers
  • Substitution
  • A single character of: a, b or c
    [abc]
  • A character except: a, b or c
    [^abc]
  • A character in the range: a-z
    [a-z]
  • A character not in the range: a-z
    [^a-z]
  • A character in the range: a-z or A-Z
    [a-zA-Z]
  • Any single character
    .
  • Alternate - match either a or b
    a|b
  • Any whitespace character
    \s
  • Any non-whitespace character
    \S
  • Any digit
    \d
  • Any non-digit
    \D
  • Any word character
    \w
  • Any non-word character
    \W
  • Non-capturing group
    (?:...)
  • Capturing group
    (...)
  • Zero or one of a
    a?
  • Zero or more of a
    a*
  • One or more of a
    a+
  • Exactly 3 of a
    a{3}
  • 3 or more of a
    a{3,}
  • Between 3 and 6 of a
    a{3,6}
  • Start of string
    ^
  • End of string
    $
  • A word boundary
    \b
  • Non-word boundary
    \B

Regular Expression
No Match

/
/
gi

Test String

Code Generator

Language

Generated Code

# coding=utf8 # the above tag defines encoding for this document and is for Python 2.x compatibility import re regex = r"ESAAttachmentDetails=.*?'(\S+\.\b(?!eml|p7s|xml)\b.*?)'.*?\sESAFriendlyFrom" test_str = "Sep 09 08:32:28 Qradar_mail_log_monoline: CEF:0|Cisco|C600V Email Security Virtual Appliance|13.0.0-375|ESA_CONSOLIDATED_LOG_EVENT|Consolidated Log 'IndiceBusta.xml' Event|5|deviceExternalId=4218A388D5F87FE03948-AF94EFBF2387 ESAMID=46698525 ESAICID=93560178 ESADCID=12077002 ESAAMPVerdict=NOT_EVALUATED ESAASVerdict=NOT_EVALUATED ESAAVVerdict=NEGATIVE ESACFVerdict=MATCH endTime=Wed Sep 9 08:32:26 2020 ESADLPVerdict=NOT_EVALUATED dvc=172.16.102.105 ESAAttachmentDetails={'smime.p7s': {'BodyScanner': {}}, 'IndiceBusta.xml': {'BodyScanner': {}}, 'postacert.eml': {'BodyScanner': {}}, '976739s.pdf': {'BodyScanner': {}}, 'daticert.xml': {'BodyScanner': {}}, 'Comunicazione.xml': {'BodyScanner': {}}, 'MELCARNE=20ANNA=20PAOLA=20-=20NOTE=20TRATTAZIONE=20SCRITTA.pdf.zip': {'BodyScanner': {}}} ESAFriendlyFrom=posta-certificata@telecompost.it ESAGMVerdict=NEGATIVE startTime=Wed Sep 9 08:32:25 2020 deviceInboundInterface=InComing deviceDirection=0 ESAMailFlowPolicy=ACCEPT suser=forward.mailbox@forward.telecompost.it cs1Label=MailPolicy cs1=INPS cs2Label=SenderCountry cs2=Italy ESAMFVerdict=MATCH act=DELIVERED cs4Label=ExternalMsgID cs4='<1991715585.1180479.1599633145120.JavaMail.root@pecbe1>'" matches = re.finditer(regex, test_str, re.IGNORECASE) for matchNum, match in enumerate(matches, start=1): print ("Match {matchNum} was found at {start}-{end}: {match}".format(matchNum = matchNum, start = match.start(), end = match.end(), match = match.group())) for groupNum in range(0, len(match.groups())): groupNum = groupNum + 1 print ("Group {groupNum} found at {start}-{end}: {group}".format(groupNum = groupNum, start = match.start(groupNum), end = match.end(groupNum), group = match.group(groupNum))) # Note: for Python 2.7 compatibility, use ur"" to prefix the regex and u"" to prefix the test string and substitution.

Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Python, please visit: https://docs.python.org/3/library/re.html