AUSEARCH_ADD_REGEX(3) Linux Audit API AUSEARCH_ADD_REGEX(3)NAME
ausearch_add_regex - use regular expression search rule
SYNOPSIS
#include <auparse.h>
int ausearch_add_regex(auparse_state_t *au, const char *expr);
DESCRIPTION
ausearch_add_regex adds one search condition based on a regular expression to the current audit search expression. The search conditions
can then be used to scan logs, files, or buffers for something of interest. The regular expression follows the posix extended regular
expression conventions, and is matched against the full record (without interpreting field values).
If an existing search expression E is already defined, this function replaces it by (E && this_regexp).
RETURN VALUE
Returns -1 if an error occurs; otherwise, 0 for success.
SEE ALSO ausearch_add_expression(3), ausearch_add_item(3), ausearch_clear(3), ausearch_next_event(3), regcomp(3).
AUTHOR
Steve Grubb
Red Hat Sept 2007 AUSEARCH_ADD_REGEX(3)
this is the content of the file:
i want to remove both the line starting with "=" and "(" but i can only remove one at a time..so how do I go about removing both of them? (15 Replies)
Hi guys,
can any one tell me how to create directories using regular expression?
Let's say that I need to create directories test01, test02, test03.... test10.
Can it be done using any regular expression?
thanks. (13 Replies)
Hi all,
I am processing a file with awk that looks like this:
"
0.0021 etc
0.0123 etc
0.1234 etc
...
0.5324 etc
0.5434 etc
0.6543 etc
...
1.0344 etc
1.1344 etc
...
1.5345 etc
1.5632 etc
"
I need to print out only the lines that have '0' or '5' after the comma, plus I need only... (11 Replies)
I need regular expression for excluding specific range.
e.g. Input Data is
10.10.10.50
67.172.15.15
10.10.10.15
78.122.105.108
I would like to extract only 67.172.15.15 & 78.122.105.108.
I tried with something like /(^10.10.10)/ but it's not working.
Please help me on this (17 Replies)
Hi,
I am executing a svnlook command to check to see if the following line exists. I need a regular expression to represent the line.
A /test/test1/qa/test2/index.html
A /test/test1/qa/test3/test.jpg
A /test/test1/qa/test3/test1.jpg
A /test/test1/qa/test4/test.swf
I just need to extract... (9 Replies)
I need a quick expression to be able to pull out all the data in a text file that looks like "http:// some random url etc" So it should grab any string that begins with "http:// and ends with " There are other double quotes in the file but I only want the ones that start with "http:// and the... (31 Replies)
I trying to match the begining of the following line in a perl script with a regular expression.
$ENV{'ORACLE_HOME'}
I tried this regluar expession:
/\$ENV\{\'ORACLE_HOME\'\}/
Instead of match, I got a blank prompt >
It seems to be a problem with the single quote. If I take it... (11 Replies)
Hello,
How to print the field separator in awk? please see the following code:
cat a.txt
a 1s 2s 3s 4s
b 2s 4s
$ awk 'BEGIN{FS==" "} {print $2 $3 }' te
1s2s
2s4s
I want to get the following output :
1s 2s
2s 4s
How to realize this ?
$ cat te
a 1s,,2s 3s ... (11 Replies)
I have an input file which looks like the example below and I want to format it with 2 columns from the header based on the word "CUSIP" followed by a 9 digit string with first 3 being numeric and in the same line NNN.NN% pattern for the percentage value. (In RED)
I started of with nawk but... (12 Replies)
How to reverse search for a matched string in a file. Get line# of the first matched line. I am getting '2' into 'lineNum' variable.
But it feels like I am using too many commands. Is there a better more efficiant way to do this on Unix?
abc.log
aaaaaaaaaaaaa
bbbbbbbbbbbbb... (11 Replies)
Experts and Informed folks,
Need some help here in parsing the log file.
1389675 Opera_ShirtCatalog INSERT INTO Opera_ShirtCatalog(COL1, COL2) VALUES (1, 'TEST1'), (2,'TEST2');
1389685 Opera_ShirtCatlog_Wom INSERT INTO Opera_ShirtCatlog_Wom(col1, col2, col3) VALUES (9,'Siz12, FormFit',... (12 Replies)
Hello All,
I'm trying to extract the lines between two consecutive elements of an array from a file.
My array looks like:
problem_arr=(PRS111 PRS213 PRS234)
j=0
while } ]
do
k=`expr $j + 1`
sed -n "/${problem_arr}/,/${problem_arr}/p" problemid.txt
---some operation goes... (11 Replies)
Hi,
I am quite knew to scripting and I am trying to get a regular expression to work to check that a user enters a valid version number such as 1 or 1.1 or 12.3 etc. I dont seem to be able to get it to work as it picks up versions such as 1.......2. I only want it to work with a single dot.... (12 Replies)
I have a file which I am reading and then I need to extract a particualr word and if it matches the line.
2015-01-22 07:30:17,814000 +0900 /INFO: - <ns2:virtualServerid="PH11PK" />
Means if the line contain Virtual server I need to extract the id .
Code I wrote#!/usr/bin/perl
... (19 Replies)