Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Regex Needed:(

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Regex Needed:(
# 1  
Old 10-30-2012
Regex Needed:(
I am looking for the proper regex to match the hostname "areagc11" of this log.... Any help would be awsomeSmilie

Oct 25 11:08:18 areagc11 961: Oct 25 18:08:17.536 GMT: %SYS-5-CONFIG_I: Configured from console by someone onvty1 (10.156.72.97)
# 2  
Old 10-30-2012
Where's the hostname? And if you say that it's "X", I'll say why not just use the string "X" to match? Smilie
Seriously, you should provide more info, may be more of that log to show those lines which need to be filtered out and those which need to be retained, the logic behind that, etc.
# 3  
Old 10-30-2012
hostname:
areagc11

log:
Oct 25 11:08:18 areagc11 961: Oct 25 18:08:17.536 GMT: %SYS-5-CONFIG_I: Configured from console by someone onvty1 (10.156.72.97)
# 4  
Old 10-30-2012
I'm not sure what exactly is your requirement, but if you simply want to retrieve a line in your log file which has host name: areagc11 in it, then you can use grep command:

Code:
grep areagc11 <log file name>

# 5  
Old 10-30-2012
Sorry guys for not being clear, I am using Splunk which is a logging tool. It parses out parts of the log for you and even grabs the hostname. For some reason these cisco logs are not grabbing the correct hostname. I am currently ussing the following to match the hostname but it is not picking it up correctly.

REGEX = \w+\s+\w+\s+\w+\:\w+\:\w+\s+((\w+\.\w+\.\w+\.\w+)|((\w+)(\-)*(\w+)*))\s+\w+\:\s+(\w+)
FORMAT = host::$1

From:
Oct 25 11:08:18 areagc11 961: Oct 25 18:08:17.536 GMT: %SYS-5-CONFIG_I: Configured from console by someone onvty1 (10.156.72.97)

I wanted to see if someone would have a better idea for a pattern to match the hostname areagc11 which is just 1 name out of 10,000 routers so I can't use any part of the hostname to match on.
# 6  
Old 10-30-2012
To be honest, this is not the normal regexp, but probably some internal regexp from Splunk. How this works i don't know (i haven't heard of this program until now), but from what i think i can understand the problem seems to be the part marked bold here:

Quote:
Originally Posted by jlaigo2
Code:
REGEX = \w+\s+\w+\s+\w+\:\w+\:\w+\s+((\w+\.\w+\.\w+\.\w+)|((\w+)(\-)*(\w+)*))\s+\w+\:\s+(\w+)
FORMAT = host::$1


You seem to search for 4 words, separated by 3 dots. This might resemble a hostname like "host.some.sub.domain", but you have only a short name there and your regexp doesn't match therefore.

Make all but the first word to be optional, which probably looks like this:

Code:
REGEX = \w+\s+\w+\s+\w+\:\w+\:\w+\s+((\w+\.*\w+*\.*\w+*\.*\w+*)|((\w+)(\-)*(\w+)*))\s+\w+\:\s+(\w+)
FORMAT = host::$1

I hope this helps.

bakunin
# 7  
Old 10-31-2012
Thanks big time I will give it a try.

---------- Post updated 10-31-12 at 09:02 AM ---------- Previous update was 10-30-12 at 10:39 AM ----------

FYI, the code did not work for me but I figured it out and used the following code.

(?i)^(?:[^ ]* ){3}(?P<FIELDNAME>[^ ]+)
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Sendmail K command regex: adding exclusion/negative lookahead to regex -a@MATCH

I'm trying to get some exclusions into our sendmail regular expression for the K command. The following configuration & regex works: LOCAL_CONFIG # Kcheckaddress regex -a@MATCH +<@+?\.++?\.(us|info|to|br|bid|cn|ru) LOCAL_RULESETS SLocal_check_mail # check address against various regex... (0 Replies)
Discussion started by: RobbieTheK
0 Replies

2. Shell Programming and Scripting

Perl, RegEx - Help me to understand the regex!

I am not a big expert in regex and have just little understanding of that language. Could you help me to understand the regular Perl expression: ^(?!if\b|else\b|while\b|)(?:+?\s+){1,6}(+\s*)\(*\) *?(?:^*;?+){0,10}\{ ------ This is regex to select functions from a C/C++ source and defined in... (2 Replies)
Discussion started by: alex_5161
2 Replies

3. UNIX for Dummies Questions & Answers

RegEX help needed

Hi, Have to filter out string before the last underscore in the following input: UNIX_Solaris_59_KSH output: UNIX_Solaris_59 dummy one but :mad: Thanks & Regards, Sourabh Singh Khichi (4 Replies)
Discussion started by: skhichi
4 Replies

4. Shell Programming and Scripting

Help needed in regex

Hi, Could you please help me in writing a regex for the following requirement? Let following be the string format: abc.cdef.ghij.lm I need to check between dots, there is atleast one character{a-z,A-Z,*}. Eg: abc1.gt2.345j is valid, but not 123.abc.vff.gth because 123 should not be... (2 Replies)
Discussion started by: lorzinian
2 Replies

5. UNIX for Dummies Questions & Answers

read regex from ID file, print regex and line below from source file

I have a file of protein sequences with headers (my source file). Based on a list of IDs (which are included in some of the headers), I'd like to print out only the specified sequences, with only the ID as header. In other words, I'd like to search source.txt for the terms in IDs.txt, and print... (3 Replies)
Discussion started by: pathunkathunk
3 Replies

6. Shell Programming and Scripting

perl regex help needed

Hi, I want to validate strings in perl, the string may contains characters from a-zA-Z0-9 and symbols +-_.:/\ To validate such a string I computed a regex if ($string =~ m/^/) { print "valid"; } else { print "invalid"; } but this regex also validates strings that contain... (8 Replies)
Discussion started by: zing_foru
8 Replies

7. Shell Programming and Scripting

regex in ls

Hi Experts, I am using ls with regex in the below manner: VAR="*.txt *.TXT" ls -l $VAR This is working fine if I have both txt and TXT extension files in my directory. But if any of them is not present, its throwing errors, that *.TXT file not found in the directory. So what am i missing... (6 Replies)
Discussion started by: sugarcane
6 Replies

8. Shell Programming and Scripting

Regex help needed

Hello, I'd like to write a regex that transforms a German base form of a noun into one of its inflected forms, namely I want to translate "Haus" to "Häuser" This is what I've got: /^(.+)$/_Umlaut( $1 )_er/ where _Umlaut( x )_ is a function operating on the noun stem captured by $1 The... (1 Reply)
Discussion started by: Bloomy
1 Replies

9. Shell Programming and Scripting

Converting perl regex to sed regex

I am having trouble parsing rpm filenames in a shell script.. I found a snippet of perl code that will perform the task but I really don't have time to rewrite the entire script in perl. I cannot for the life of me convert this code into something sed-friendly: if ($rpm =~ /(*)-(*)-(*)\.(.*)/)... (1 Reply)
Discussion started by: suntzu
1 Replies

10. Shell Programming and Scripting

Sed and regex help needed

Hi all, I'm writing a script that replaces a value in a file. The file is formatted as follows: So, for this example, I'd like to replace the value for param_two. The value for param_two can be a one, or two-digit number. It replaces the value in file.cfg, and directs the... (9 Replies)
Discussion started by: marknu1
9 Replies
Login or Register to Ask a Question