I have constructed the regex for the below log statement and trying to add capture groups so that I can assign each group to a variable and print them. I am getting null values when I added parentheses as capture blocks. Is there away I can add capture groups to below regex.
Log:
2022-02-09 10:00:52,785 EST|2022-02-09 10:00:52.785 CST 48767a165b22 [INFO ] CorrelationId=d0b0005a-56aa-4e23-a00e-7b22bc41d001 ApplicationName=ATSystems [http-nio-8080-exec-8] com.jivasciences.jrx.mo.bundle.app.transform.handler.bundleHandler - ReceivedDate=2022-02-09 10:00:56
from which I want to capture the following as groups:
48767a165b22INFOd0b0005a-56aa-4e23-a00e-7b22bc41d001ATSystemscom.jivasciences.jrx.mo.bundle.app.transform.handler.bundleHandler2022-02-09 10:00:56
My regex so far:
([0-9] (-[0-9] ) ) [0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,3})?,[0-9] [a-zA-Z] |[0-9]{4}-[0-9]{2}-[0-9]{2} (([ -]?(?=\.\d|\d)(?:\d )?(?:\.?\d*))(?:[eE]([ -]?\d ))?(:([ -]?(?=\.\d|\d)(?:\d )?(?:\.?\d*))(?:[eE]([ -]?\d ))?) ) [a-zA-Z] ([0-9] ([a-zA-Z] [0-9] ) ) \[[^\]]*] CorrelationId=[{]?[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]? ApplicationName=[a-zA-Z] \[[^\]]*] [a-zA-Z] (\.[a-zA-Z] ) - ReceivedDate=([0-9] (-[0-9] ) ) ([0-9] (:[0-9] ) )
CodePudding user response:
Try this:
[0-9 ,.:-] [A-Z]{3}\|[0-9 ,.:-] [A-Z]{3} ([0-9a-f] ) \[(\w ) *].*?=([0-9a-f-] ).*?=(\w ).*?\] ([\w.] ).*?=([0-9-] [0-9:] )
See live demo.
More readable format:
[0-9 ,.:-] [A-Z]{3}\|[0-9 ,.:-] [A-Z]{3} ([0-9a-f] ) \[(\w ) *].*?=([0-9a-f-] ).*?=(\w ).*?\] ([\w.] ).*?=([0-9-] [0-9:] )
CodePudding user response:
This pattern should do it.
^.*?\|.*?\s(\w{9,})\s\[([A-Z] ).*?CorrelationId=\{?([a-f0-9-]{36})\}?\sApplicationName=(.*?)\s\[.*?\]\s(\S )\s-\sReceivedDate=([\d\-]{10}\s[\d:]{8}).*$
The first part is simplified, since those timestamps aren't required.
Test on regex101