Regexp - alternate match and grouping
- From: Witold Rugowski <rugowski1spm@xxxxxx>
- Date: Tue, 28 Feb 2006 13:49:14 +0100
Hi!
I need to do some grouping in regexp's but data can have different format. I'm trying to gather some data from syslog servers. I'm trying to extract client hostname (from FreeBSD syslog) or client's ip (from Webtrends syslog).
First ones looks like:
Feb 28 00:00:00 HOSTNAME Feb 28 2006 01:00:00 HOSTNAME : %PIX-6-305011 [cut]
And from Webtrends:
WTsyslog[2006-02-26 23:59:59 ip=IP_ADDRESS pri=6] <14>Feb 26 2006 23:59:59: %PIX-6-302016: [cut]
Currently I'm matching it with:
/(?:([\w\d\-\_\.]*) |ip=([.\d]*).*?)(\w{3} \d{2} \d{4} \d{2}:\d{2}:\d{2})[\w\d\-\_\.: ]*?%PIX[and more]/
But this means that $1 or $2 is defined, depending on input data format. Is some better way to do it? Better for me means that $1 always is HOSTNAME or IP address and $2 is always date...
--
Witold Rugowski
rugowski_at_nhw_pl
http://nhw.pl/blg/
.
- Follow-Ups:
- Re: Regexp - alternate match and grouping
- From: Paul Lalli
- Re: Regexp - alternate match and grouping
- Prev by Date: Re: convert protein fasta stream into harsh table
- Next by Date: Re: Uploaded File Empty but in correct folder with correct name
- Previous by thread: HTML/DOM parser
- Next by thread: Re: Regexp - alternate match and grouping
- Index(es):
