Regular Expressions 101

Save & Manage Regex

  • Current Version: 1
  • Save & Share
  • Community Library

Flavor

  • PCRE2 (PHP)
  • ECMAScript (JavaScript)
  • Python
  • Golang
  • Java
  • .NET 7.0 (C#)
  • Rust
  • PCRE (Legacy)
  • Regex Flavor Guide

Function

  • Match
  • Substitution
  • List
  • Unit Tests
Sponsors
There are currently no sponsors. Become a sponsor today!
An explanation of your regex will be automatically generated as you type.
Detailed match information will be displayed here automatically.
  • All Tokens
  • Common Tokens
  • General Tokens
  • Anchors
  • Meta Sequences
  • Quantifiers
  • Group Constructs
  • Character Classes
  • Flags/Modifiers
  • Substitution
  • A single character of: a, b or c
    [abc]
  • A character except: a, b or c
    [^abc]
  • A character in the range: a-z
    [a-z]
  • A character not in the range: a-z
    [^a-z]
  • A character in the range: a-z or A-Z
    [a-zA-Z]
  • Any single character
    .
  • Alternate - match either a or b
    a|b
  • Any whitespace character
    \s
  • Any non-whitespace character
    \S
  • Any digit
    \d
  • Any non-digit
    \D
  • Any word character
    \w
  • Any non-word character
    \W
  • Non-capturing group
    (?:...)
  • Capturing group
    (...)
  • Zero or one of a
    a?
  • Zero or more of a
    a*
  • One or more of a
    a+
  • Exactly 3 of a
    a{3}
  • 3 or more of a
    a{3,}
  • Between 3 and 6 of a
    a{3,6}
  • Start of string
    ^
  • End of string
    $
  • A word boundary
    \b
  • Non-word boundary
    \B

Regular Expression
Processing...

Test String

Code Generator

Language

Generated Code

import re regex = re.compile(r"ESAAttachmentDetails=.*?'(\S+\.\b(?!eml|p7s|xml)\b.*?)'.*?\sESAFriendlyFrom", flags=re.IGNORECASE) test_str = "Sep 09 08:32:28 Qradar_mail_log_monoline: CEF:0|Cisco|C600V Email Security Virtual Appliance|13.0.0-375|ESA_CONSOLIDATED_LOG_EVENT|Consolidated Log 'IndiceBusta.xml' Event|5|deviceExternalId=4218A388D5F87FE03948-AF94EFBF2387 ESAMID=46698525 ESAICID=93560178 ESADCID=12077002 ESAAMPVerdict=NOT_EVALUATED ESAASVerdict=NOT_EVALUATED ESAAVVerdict=NEGATIVE ESACFVerdict=MATCH endTime=Wed Sep 9 08:32:26 2020 ESADLPVerdict=NOT_EVALUATED dvc=172.16.102.105 ESAAttachmentDetails={'smime.p7s': {'BodyScanner': {}}, 'IndiceBusta.xml': {'BodyScanner': {}}, 'postacert.eml': {'BodyScanner': {}}, '976739s.pdf': {'BodyScanner': {}}, 'daticert.xml': {'BodyScanner': {}}, 'Comunicazione.xml': {'BodyScanner': {}}, 'MELCARNE=20ANNA=20PAOLA=20-=20NOTE=20TRATTAZIONE=20SCRITTA.pdf.zip': {'BodyScanner': {}}} ESAFriendlyFrom=posta-certificata@telecompost.it ESAGMVerdict=NEGATIVE startTime=Wed Sep 9 08:32:25 2020 deviceInboundInterface=InComing deviceDirection=0 ESAMailFlowPolicy=ACCEPT suser=forward.mailbox@forward.telecompost.it cs1Label=MailPolicy cs1=INPS cs2Label=SenderCountry cs2=Italy ESAMFVerdict=MATCH act=DELIVERED cs4Label=ExternalMsgID cs4='<1991715585.1180479.1599633145120.JavaMail.root@pecbe1>'" matches = regex.finditer(test_str) for match_num, match in enumerate(matches, start=1): print(f"Match {match_num} was found at {match.start()}-{match.end()}: {match.group()}") for group_num, group in enumerate(match.groups(), start=1): print(f"Group {group_num} found at {match.start(group_num)}-{match.end(group_num)}: {group}")

Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Python, please visit: https://docs.python.org/3/library/re.html