Below is the content:
Subject:
Security ID: S-1-5-21-3368353891-1012177287-890106238-22451
Account Name: ChamaraKer
Account Domain:
The following should work for you:
[\n\r].*Object Name:\s*([^\n\r]*)
Working example
Your desired match will be in capture group 1.
[\n\r][ \t]*Object Name:[ \t]*([^\n\r]*)
Would be similar, but it would not allow for things such as " blah Object Name: blah", and it also makes sure not to capture the next line if there is no actual content after "Object Name:".
But I need the match result to be ... not in a match group...
For what you are trying to do, this should work. \K resets the starting point of the match.
\bObject Name:\s+\K\S+
You can do the same for getting your Security ID matches.
\bSecurity ID:\s+\K\S+
You're almost there. Use the following regex (with multi-line option enabled)
\bObject Name:\s+(.*)$
The complete match would be
Object Name: D:\ApacheTomcat\apache-tomcat-6.0.36\logs\localhost.2013-07-01.log
while the captured group one would contain
D:\ApacheTomcat\apache-tomcat-6.0.36\logs\localhost.2013-07-01.log
If you want to capture the file path directly use
(?m)(?<=\bObject Name:).*$
Here's a quick Perl script to get what you need. It needs some whitespace chomping.
#!/bin/perl
use strict;
use warnings;

# Sample event text; the doubled backslashes become single ones in the heredoc.
my $sample = <<END;
Subject:
Security ID: S-1-5-21-3368353891-1012177287-890106238-22451
Account Name: ChamaraKer
Account Domain: JIC
Logon ID: 0x1fffb
Object:
Object Server: Security
Object Type: File
Object Name: D:\\ApacheTomcat\\apache-tomcat-6.0.36\\logs\\localhost.2013-07-01.log
Handle ID: 0x11dc
END
my @sample_lines = split /\n/, $sample;
my $path;
foreach my $line (@sample_lines) {
    # Capture the rest of the line after the label (leading whitespace included).
    ($path) = $line =~ m/Object Name:(.+)/;
    if ($path) {
        print $path . "\n";
    }
}
This is a Python solution.
import re
# Raw string, so that backslashes in the path (such as \a) are not read as escape sequences.
line = r"""Subject:
Security ID: S-1-5-21-3368353891-1012177287-890106238-22451
Account Name: ChamaraKer
Account Domain: JIC
Logon ID: 0x1fffb
Object:
Object Server: Security
Object Type: File
Object Name: D:\ApacheTomcat\apache-tomcat-6.0.36\logs\localhost.2013-07-01.log
Handle ID: 0x11dc"""
regex = r'Object Name:\s+(.*)'
match1 = re.findall(regex, line)
print(match1)
*** Remote Interpreter Reinitialized ***
>>>
['D:\\ApacheTomcat\\apache-tomcat-6.0.36\\logs\\localhost.2013-07-01.log']
>>>
This might work out for you depending on which language you are using:
(?<=Object Name:).*
It's a positive lookbehind assertion. More information could be found here.
It won't work with JavaScript though. In your comment I read that you're using it for logstash. If you are using GROK parsing for logstash then it would work. You can verify it yourself here:
https://grokdebug.herokuapp.com/
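The edge case raised in the first answer (a field with no value letting the pattern run onto the next line) and the backslash handling in the Python answer, shown together as an added example that is not part of any answer above. It goes beyond the single "Object Name" lookup and parses every "Name: value" line; the sample text is constructed from the event text quoted on this page with "Account Domain" left empty, and `parse_fields` and `naive_field` are hypothetical names.

```python
import re

# Constructed sample, modelled on the event text quoted on this page.
# "Account Domain" is left empty on purpose. The r prefix keeps "\a" and
# "\l" in the path as literal backslashes.
SAMPLE = r"""Subject:
    Security ID:     S-1-5-21-3368353891-1012177287-890106238-22451
    Account Name:    ChamaraKer
    Account Domain:
    Logon ID:        0x1fffb
Object:
    Object Server:   Security
    Object Type:     File
    Object Name:     D:\ApacheTomcat\apache-tomcat-6.0.36\logs\localhost.2013-07-01.log
    Handle ID:       0x11dc"""

# One "Name: value" pair per line. [ \t]* (not \s*) keeps whitespace
# matching on the current line; \r?$ tolerates CRLF line endings.
FIELD_RE = re.compile(
    r"^[ \t]*([^:\r\n]+):[ \t]*([^\r\n]*?)[ \t]*\r?$", re.MULTILINE)


def parse_fields(message):
    # Map each field name to its value; a field with no value maps to "".
    return {name.strip(): value for name, value in FIELD_RE.findall(message)}


def naive_field(name, message):
    # Pattern style with \s* after the colon: \s also matches the line
    # break, so an empty field picks up the following line instead.
    m = re.search(re.escape(name) + r":\s*(.*)", message)
    return m.group(1) if m else None


if __name__ == "__main__":
    fields = parse_fields(SAMPLE)
    print("Object Name    :", fields["Object Name"])
    print("Security ID    :", fields["Security ID"])
    print("Account Domain :", repr(fields["Account Domain"]))
    print("naive lookup   :", repr(naive_field("Account Domain", SAMPLE)))
```

Section headers such as "Subject:" come back as fields with an empty value, so a log pipeline can tell "field present but empty" apart from "field missing".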