Home > Software engineering >  Parsing FQDN and item from Event Log
Parsing FQDN and item from Event Log

Time:10-24

I receive this event text and I need to be able to parse out the FQDN for each line along with the aspect name. I have tried several FQDN regex examples and the only that came close is ^[^.] but that still only captured the hostname, which I would be fine with. But I cannot seem to capture both sets of data.

Example:

Line: Test1.test.local System Reserved 73.2 %

Output:

FQDN = Test1.test.local

Aspect Name = System Reserved

'Performance Disk Utilization Exceeds 50%' threshold
 
Description: Average disk utilization during the past 2 minutes exceeds 50%
 
New Items (11)
 
Occurred at 10/21/2021 10:38:06 AM
 
Display Name Aspect Name Aspect Value
Test1.test.local System Reserved 73.2 %
Test1-stage.test.local System Reserved 69.3 %
test-stage.test.local \\?\Volume{c2e5b983-0000-0000-0000-006225000000}\ 83.3 %
test2.test.local System Reserved 73.2 %
test2.test.local E:\ - Data 62.5 %
test.test.LOCAL System Reserved 69.3 %
test.test.LOCAL \\?\Volume{0833abcb-0000-0000-0000-006225000000}\ 83.3 %
test3.test.local System Reserved 69.4 %
test3.test.local E:\ - SCCM 85.7 %
test3.cdp.local C:\ 53.1 %
test3.cdp.local \\?\Volume{fa03c719-0000-0000-0000-f0e17c000000}\ 83.3 %

CodePudding user response:

You might use 2 capture groups and match the number at the end followed by a percentage sign:

([^\s.] (?:\.[^\s.] ) ) (. ?) \d (?:\.\d )? %
  • ( Capture group 1
    • [^\s.] Match 1 chars other than a whitspace char or .
    • (?:\.[^\s.] ) Repeat 1 times matching a dot followed by 1 chars other than a whitspace char or . to match at least a single dot
  • ) Close group 1
  • (. ?) Capture 1 or more digits in group 2 between 2 spaces
  • \d (?:\.\d )? % Match 1 digits with an optional decimal part and %

regex demo

const regex = /([^\s.] (?:\.[^\s.] ) ) (. ?) \d (?:\.\d )? %/gm;
const str = `Test1.test.local System Reserved 73.2 %
Test1-stage.test.local System Reserved 69.3 %
test-stage.test.local \\\\?\\Volume{c2e5b983-0000-0000-0000-006225000000}\\ 83.3 %
test2.test.local System Reserved 73.2 %
test2.test.local E:\\ - Data 62.5 %
test.test.LOCAL System Reserved 69.3 %
test.test.LOCAL \\\\?\\Volume{0833abcb-0000-0000-0000-006225000000}\\ 83.3 %
test3.test.local System Reserved 69.4 %
test3.test.local E:\\ - SCCM 85.7 %
test3.cdp.local C:\\ 53.1 %
test3.cdp.local \\\\?\\Volume{fa03c719-0000-0000-0000-f0e17c000000}\\ 83.3 %`;

console.log(Array.from(str.matchAll(regex), m => ({
  "FQDN": m[1],
  "AspectName": m[2]
})));
<iframe name="sif1" sandbox="allow-forms allow-modals allow-scripts" frameborder="0"></iframe>

Page link:https//www.codepudding.com/Softwareengineering/164322.html

Prev:Match "After" if it doesn't have an an -ing word after it
Next:Jekyll serve doesn't work, Permission denied
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding