• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.

Regular Expressions

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

  • DimPrawn
    replied
    Originally posted by vetran View Post
    $1 for the Bolt $1899 for knowing where to put it.

    definitely.

    A little knowledge is profitable.
    Or the 21st century version.

    $1 for the bolt, 50 Rupees for putting it in the wrong place over and over again.

    Leave a comment:


  • vetran
    replied
    Originally posted by NickFitz View Post
    People like to pretend they're like the character in the xkcd cartoon, but in reality everybody just keeps adding and removing dots, plus signs, and stars in semi-random arrangements until they get something that seems to work
    $1 for the Bolt $1899 for knowing where to put it.

    definitely.

    A little knowledge is profitable.

    Leave a comment:


  • VectraMan
    replied
    Originally posted by darrylmg View Post
    I would recommend www.debuggex.com for visual inspection of the regex. Helps a lot when trying to visualise it.
    That is cool.

    I've always avoided learning regex but I had a client that wanted a configurable way of extracting certain fields from messages being sent from a big machine on a factory floor , and regex seemed like the ideal answer. So I had to connect up a library and then learn how the blasted things worked to test it all.

    I'm sure I've forgotten most of it again. The Visual Studio search box seems to like to switch on regex mode randomly when I don't want it, so I always think if only I knew better how to use them I'd be a whiz at finding things in code.

    And on the subject: Javascript! WTF! I know let's just break the fundamental syntax of the language by having regex strings not be in quotes.

    Leave a comment:


  • adubya
    replied
    srccountry="(.*?)"

    Leave a comment:


  • eek
    replied
    Originally posted by NickFitz View Post
    People like to pretend they're like the character in the xkcd cartoon, but in reality everybody just keeps adding and removing dots, plus signs, and stars in semi-random arrangements until they get something that seems to work
    Don't give the secret away.....

    Leave a comment:


  • NickFitz
    replied
    Originally posted by vetran View Post
    Scary thing is Regex is basically a superpower!

    Many a time someone has said there is no way we can go through all that there are megabytes, Gigabytes , terabytes (depending on Decades) of log files . and a day later we have 200 lines to loOk at. I still struggle with the syntax but between Grep/awk & regex it has saved lots of situations.
    People like to pretend they're like the character in the xkcd cartoon, but in reality everybody just keeps adding and removing dots, plus signs, and stars in semi-random arrangements until they get something that seems to work

    Leave a comment:


  • vetran
    replied
    Originally posted by darrylmg View Post
    I would recommend www.debuggex.com for visual inspection of the regex. Helps a lot when trying to visualise it.
    Bookmarked ta!

    Leave a comment:


  • darrylmg
    replied
    Originally posted by Contreras View Post
    The ^.* matches preceding garbage. For the trailing garbage the $ would be .*$ however both are redundant to your purpose and can be omitted.

    The (.+) matches to end of line and not just the desired string and the () are redundant in that context anyway. Probably you want to match for a string bounded by quotes and not itself including quote char, e.g. "[^"]*"

    Add a leading (^| ) if matching on othersrccountry="..." would be bothersome.

    In the shell, 'single quotes' saves from having to use backslash escapes.

    Code:
    $ cat test.dat
    date=2016-11-26 time=17:03:26 devname=XXXXX3X15013159 devid=XXXXX3X15013159 logid=0001000014 type=traffic subtype=local level=notice vd=root srcip=xx.xx.xx.xx srcport=4927 srcintf="wan" dstip=xxx.xxx.xxx.170 dstport=23 dstintf="root" sessionid=2417401 proto=6 action=deny policyid=0 policytype=local-in-policy dstcountry="United Kingdom" srccountry="United Kingdom" trandisp=noop service="TELNET" app="Console Management(Telnet)" duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 appcat="unscanned" crscore=30 craction=131072 crlevel=critical
    
    $ grep -Eo "srccountry=\"[^\"]*\"" test.dat
    srccountry="United Kingdom"
    
    $ grep -Eo 'srccountry="[^"]*"' test.dat 
    srccountry="United Kingdom"
    I don't think the brackets are redundant.
    In a true regex they would return the first match group.
    Which in the OPs case should be "United Kingdom".
    I would recommend www.debuggex.com for visual inspection of the regex. Helps a lot when trying to visualise it.

    Leave a comment:


  • Contreras
    replied
    Originally posted by Netraider View Post
    When I use Regular Expression "^.*srccountry=(.+)$" to try and extract the country from "srccountry" ...
    The ^.* matches preceding garbage. For the trailing garbage the $ would be .*$ however both are redundant to your purpose and can be omitted.

    The (.+) matches to end of line and not just the desired string and the () are redundant in that context anyway. Probably you want to match for a string bounded by quotes and not itself including quote char, e.g. "[^"]*"

    Add a leading (^| ) if matching on othersrccountry="..." would be bothersome.

    In the shell, 'single quotes' saves from having to use backslash escapes.

    Code:
    $ cat test.dat
    date=2016-11-26 time=17:03:26 devname=XXXXX3X15013159 devid=XXXXX3X15013159 logid=0001000014 type=traffic subtype=local level=notice vd=root srcip=xx.xx.xx.xx srcport=4927 srcintf="wan" dstip=xxx.xxx.xxx.170 dstport=23 dstintf="root" sessionid=2417401 proto=6 action=deny policyid=0 policytype=local-in-policy dstcountry="United Kingdom" srccountry="United Kingdom" trandisp=noop service="TELNET" app="Console Management(Telnet)" duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 appcat="unscanned" crscore=30 craction=131072 crlevel=critical
    
    $ grep -Eo "srccountry=\"[^\"]*\"" test.dat
    srccountry="United Kingdom"
    
    $ grep -Eo 'srccountry="[^"]*"' test.dat 
    srccountry="United Kingdom"
    Last edited by Contreras; 29 November 2016, 23:43.

    Leave a comment:


  • vetran
    replied
    Originally posted by mudskipper View Post
    Scary thing is Regex is basically a superpower!

    Many a time someone has said there is no way we can go through all that there are megabytes, Gigabytes , terabytes (depending on Decades) of log files . and a day later we have 200 lines to loOk at. I still struggle with the syntax but between Grep/awk & regex it has saved lots of situations.

    Leave a comment:

Working...
X