$re = '/^(?:[^ ]*, )*?(?<client_ip>[^ ]*) (?<host>[^ ]*) (?<user>[^ ]*) \[(?<time>[^\]]*)\] "(?<method>\S+)(?: +(?<uri>[^\"]*?)(?: +\S*)?)?" "(?<body>.*?)" (?<code>[^ ]*) (?<size>[^ ]*)(?: "(?<referer>[^\"]*)" "(?<agent>[^\"]*)")? (?<request_time>[^ ]*) (?<upstream_response_time>.*)$/';
$str = '140.207.54.75, 100.97.90.103, 10.117.43.51 - - [24/Jun/2016:05:32:02 +0800] "POST /weixin/notify/open/authorize?signature=2ac1ca77cf259bc2b234e3261e320db698c53a9c×tamp=1466717523&nonce=1035843400&encrypt_type=aes&msg_signature=2712811c2c6cf0cacdfb65461ab4c23ec36a3c61 HTTP/1.0" "<xml>\\x0A <AppId><![CDATA[wxe484f12197737223]]></AppId>\\x0A <Encrypt><![CDATA[By8VnMuxv0R05S8Zl4+eY5Nq5nzqjNcTN8ljzfIOBM/GSzYMEPXwNck62DjFqnSbOkHK0xZ4uLJkc09Bnomr4Q/Zdt98YGNcdXmW4lDA8rQPfJU97hRfM5EwWGUI1n2EOgk8rSBVNwYE08DMdtXy6NVtPEi3JVktUlq0X5DkMhQg+YchJTAeiw+zbXoqYjWWX+prSDPXFArLu+6jzKliB8i+B9R2uaqtx+f2ceRY2vPoVP4p9xg2+ViOCM7n3rA8hjvk9Qf2pdeAvLsJxon/NTRkSAiUDKYwEwT5zF5sJ7S0nem3PyXHtiNczIDeNIIhl0lbsfY4muVuDx0I0GFp7PH/mJM9OdpJSarE6znxTAuij151NsmiehZsCAEQqKhbiVCCyvvdHAmWvZn1UZ86XSF5d0r1HBPeUYegsHfuj7lOpkalB65Br3DVDEkPjiCljwlcx7R5rAutvRHzBx2Y/A==]]></Encrypt>\\x0A</xml>\\x0A" 200 7 "-" "Mozilla/4.0" 0.008 0.007';
preg_match($re, $str, $matches, PREG_OFFSET_CAPTURE, 0);
// Print the entire match result
var_dump($matches);
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for PHP, please visit: http://php.net/manual/en/ref.pcre.php