My Text line is like this :

'891880 2022-09-28 16:48:11 10.10.50.204 "user100-useradmin" 10.10.50.1 8080'

I want to get out put in csv file with following columns like this

DateTime, SourceIP, UserID
2022-09-28 16:48:11,10.10.50.204,user100-useradmin

While From this PowerShell script, i am only getting IP addresses

$input_path = "C:\my.txt"
$output_file = "C:\my1.txt"
$regex = ‘\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b’
select-string -Path $input_path -Pattern $regex -AllMatches | % { $_.Matches } | % { $_.Value } > $output_file

CodePudding user response：

Your regex is only looking for sets of digits with dots between them, only ip addresses match that. The following ([0-9] (-[0-9] ) ).*([0-9] (:[0-9] ) ).*([0-9] (\.[0-9] ) ).".*?" will output 2022-09-28 16:48:11 10.10.50.204 "user100-useradmin" which is a start. Hope this helps.

CodePudding user response：

This was my text Line

#2891880 2022-09-28 16:48:11 10.10.50.204 "user100-prtgadmin" 10.10.50.1 8080 POST /public/checklogin.htm username=prtgadmin&password=*** 200 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"

And i got my desired out put by using this powershell code

< $input_path = "C:\my\file3.log"

$output_file = "C:\my\test1.txt"

$regex = '[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}(.[0-9]{1,3})? ([0-9] (.[0-9] ) ) "(?:[^\"]|\\|\)*"'

select-string -Path $input_path -Pattern $regex -AllMatches | % { $.Matches } | % { $.Value } > $output_file>