Syslog Parser

Published on Tue Mar 01 2022

#134# 2015-05-14T21:22:40-04:00 PRODNJ-RPT01 Microsoft-Windows-TaskScheduler Task Scheduler successfully completed task "\WarmUp Vantage" , instance "{E26D061B-15DD-4F58-B80C-4F11225333DF}" , action "D:\warmupscrt\BSAImpersonationIssueFixer.exe" with return code 0.

Additional matching regexes for Syslog Parser

email google/microsoft like

ip/host:port parser (proxy lists)

simple ip:port or host:port parser capturing ip or host and port, usually used for proxy lists

Get path from any text

Gets a path (Windows style) from any type of text (error message, e-mail body, ...). Compatible with PCRE, PCRE2, and so on, and with AutoHotkey (just escape "%" as "`%").

MikroTik FireWall

Regex used in Splunk to extract fields from MikroTik FW logs.

NOTES:
- MikroTik must be configured to use "BSD Syslog" format
- FW rules must add, as log prefix, the action:
  - drop
  - accept
  - reject
  - etc...

my apache2 access.log regex

google.com:80 212.111.203.171 - - [02/Mar/2015:10:27:04 +0000] "GET /css/style.css HTTP/1.1" 304 138 "http://google.com" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.115 Safari/537.36"

PHP file path with wrappers

Breaks a file path up into wrappers, root, and path components. Understands both Windows (DOS) and Unix style paths. Wrappers and path components can be further processed in code. The path component should support any visible Unicode character but not things like VT, HT or any other non-printing character. Most of the non-printable characters would also be allowed by file systems but are near impossible to enter.