Regex for web extraction. Positive lookahead issues -

-

below example of data i'm using. i've read number of posts involving topic, tried while on regex101.

botinfo[-]: source ip:[10.1.1.100] target host:[centos70-1] target os:[centos 7.0] description:[http connection request] details:[10.1.1.101 - - [28/may /2013:12:24:08 +0000] "get /math/html.mli http/1.0" 404 3567 "-" "-" ] phase: [access] service:[web]

the goal have 2 capture groups. 1 for tag (e.g. source ip, target host, description, etc) , content contained in outermost square brackets.

it's "outermost" that's getting me, because content details tag has square brackets in it.

here current progress on said regex. using /g flag:

\s?([^:]+):\[(.*?(?=\]\s.*?:\[))\]

this handles except edge case (it's more complex needed because i've been fiddling trying edge case work).

my current lookahead (\]\s.*?:\[), @ high level, match end left bracket , next tag. issue fails @ last match, because there no following tag.

edit: example of successful output requested. using data provided, goal have 2 capture groups resulting in these pairs:

match 1 1.  `source ip` 2.  `10.1.1.100` match 2 1.  `target host` 2.  `centos70-1` match 3 1.  `target os` 2.  `centos 7.0` match 4 1.  `description` 2.  `http connection request` match 5 1.  `details` 2.  `10.1.1.101 - - [28/may/2013:12:24:08 +0000] "get /math/html.mli http/1.0" 404 3567 "-" "-" ` match 6 1.  `phase` 2.  `access`  match 7 1.  `service` 2.  `web`

heavily inspired this answer nested patterns end regex demo here:

\s*([\w ]+):\s*(\[((?>[^[\]]+|(?2))*)\])

the main idea repeat match of brackets as possible (if opening or closing bracket found, repeat (?2). data you're looking in fact in first , third capture group, second capturing brackets recursion happen properly.

details on regex:

  • \s* match (and discard) spaces before field
  • ([\w ]+): capture field name (all before :)
  • \s* again discard space before field
  • (\[ start of second capture group , match litteral [
  • ((?>[^[\]]+ start of third capture group atomic match (blocking backtracking avoid infinite loop) should match brackets
  • |(?2)) if found bracket, try rematching whole second group
  • *) repeat 0 or infinite times atomic group alternation nested brackets , end third capture group
  • \]) our last bracket match , end second capture group used in alternation atomic match.

Comments

Post a Comment

Popular posts from this blog

xslt - Substring before throwing error -

-
i've below xml <?xml version="1.0" encoding="utf-8"?> <body> <p>industrial drawing: creative composition</p> <p>industrial drawing: creative<fn> <fnn>4</fnn> <fnt> <p>ftn1"</p> </fnt> </fn> composition </p> </body> and below xsl. <xsl:template match="p"> <xsl:choose> <xsl:when test="contains(substring-before(./text(),' '),'article')"> <xsl:text>sect3</xsl:text> <xsl:value-of select="./text()"/> </xsl:when> <xsl:when test="contains(substring-before(./b/text(),' '),'section')"> <xsl:text> sect 2</xsl:text> <xsl:value-of select="./text()"/> </xsl:when> <xsl:w...
Read more

oracle - Changing start date for system jobs related to automatic statistics collections in 11g -

-
i have oracle database 11g enterprise edition release 11.2.0.1.0 - 64bit production running on windows 2008 r2 somehow got next run dates scheduled jobs set dates in year 2016. jobs created able reset start_date in turn caused next_run_date reset. jobs related oracle automatic statistics collections unable dms_scheduler.set_attribute work changing start_date values. i tried resetting weekly window's dates per oracle document id 1450173.1 using sql following , did in fact reset values see within dba_scheduler_windows had no change dba_scheduler_jobs begin dbms_scheduler.set_attribute ( name => '"sys"."monday_window"', attribute => 'start_date', value => '10-jun-15 10.00.00.000000000 pm us/central'); end; / the job names seeing issue on are: rse$clean_recoverable_script ora$autotask_clean purge_log sm$clean_auto_split_merge bsln_maintain_stats_job mgmt_stats_config_job some of lack schedule names if try dbms_schedul...
Read more

javascript - gulp-nodemon - nodejs restart after file change - Error: listen EADDRINUSE events.js:85 -

-
i'm running nodejs 0.12.3 - gulp 3.10.8 , gulp-nodemon 2.0.3. gulpfile.js : gulp.task('serve', ['build'], function() { gulp.start('fb-flo'); nodemon({ script: paths.server, env: { 'node_env': 'development' }, // env: { 'node_env': 'production' }, execmap: { 'js': 'node_modules/babel/bin/babel-node --stage 1' //es7 cote server }, delay: '0ms', watch: ['src/shared/', 'src/server/'], ignore: ['src/shared/components'], tasks: function (changedfiles) { var tasks = []; changedfiles.foreach(function (file) { if (path.extname(file) === '.jsx' && !~tasks.indexof('bundlejs')) tasks.push('bundlejs'); if (path.extname(file) === '.less' && !~tasks.indexof('compileless')) tasks.push('compileless'); }); return tasks; } ...
Read more