3XLcom
asked on
SSG Anti spam log Regex question
SSG520: NetScreen device_id=0156052006000296 [Root]system-warning-00563: Anti-Spam: SPAM FOUND ! (186.37.205.106) Deny reason: Match sbl server blacklist. (2011-12-22 21:19:52)I need to get
SSG520: NetScreen device_id=0156052006000296
Bold parts
ASKER
SSG520: NetScreen device_id=0156052006000296 [Root]system-warning-00563: Anti-Spam: SPAM FOUND ! (77.223.156.154) Deny reason: Match sbl server blacklist. (2011-12-22 21:32:55)
SSG520: NetScreen device_id=0156052006000296 [Root]system-warning-00563: Anti-Spam: SPAM FOUND ! (77.223.156.154) Deny reason: Match sbl server blacklist. (2011-12-22 21:32:54)
SSG520: NetScreen device_id=0156052006000296 [Root]system-warning-00563: Anti-Spam: SPAM FOUND ! (77.223.156.154) Deny reason: Match sbl server blacklist. (2011-12-22 21:32:53) my logs like this.
I want to get anti spam founs word
ip address ,
reason
and time
your sentece just get
matches: 0: (Anti-Spam: SPAM FOUND ! (186.37.205.106) Deny reason: Match sbl server blacklist. (2011-12-22 21:19:52))
1: (Anti-Spam: SPAM FOUND ! (186.37.205.106))
2: (Match sbl server blacklist. (2011-12-22 21:19:52))
depending on : http://www.regextester.com/
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
yesss that is it
(Anti-Spam:.*\)).*:\s(.*)
Should capture those values with some flexibility - you really should be providing some details of what NOT to capture too though.