RegEx extract a substring from log file

Time:02-05

I'm working with JavaScript and I need to parse a log file in order to extract a substring.

This is an example of my log file:

Feb 04 11:20:48 info: VPN disconnected: admin @ 6051:abcdefgh [NB017] (duration: 00:05:32)
Feb 04 12:59:21 info: VPN connected: admin @ 6051:abcdefgh [NB017]
Feb 04 12:59:21 info: Connected to 123.123.123.123 (TLS)
Feb 04 12:59:21 info: Data tunnel connected: 
Feb 04 12:59:21 info: Data tunnel operational!
Feb 04 12:59:53 info: VPN disconnected: admin @ 6051:abcdefgh [NB017] (duration: 00:00:32)
Feb 04 13:01:03 info: VPN connected: admin @ 6051:abcdefgh [NB017]
Feb 04 13:01:03 info: Connected to 123.123.123.123 (TLS)
Feb 04 13:01:03 info: Data tunnel connected: 
Feb 04 13:01:03 info: Data tunnel operational!
Feb 04 13:01:35 info: VPN disconnected: admin @ 6051:abcdefgh [NB017] (duration: 00:00:40)
Feb 04 13:49:26 info: VPN connected: admin @ 6051:abcdefgh [NB017]
Feb 04 13:49:27 info: VPN disconnected: admin @ 6051:abcdefgh [NB017] (duration: 00:00:09)
Feb 04 13:50:06 info: VPN connected: admin @ 6051:abcdefgh [NB017]
Feb 04 13:50:06 info: Connected to 123.123.123.123 (TLS)
Feb 04 13:50:06 info: Data tunnel connected: 
Feb 04 13:50:07 info: Data tunnel operational!
Feb 04 15:37:57 info: (Log Displayed)

I need to extract the user who made the last connection, since there are multiple connections in the log.

For instance starting from "VPN connected: " to the last "]".

I tried with this RegEx

VPN connected([^.]+)]

but JS returns several logs when I need only the last one.

How can I improve my RegEx?

CodePudding user response:

You could solve this problem by taking the last capturing group from the resulting JavaScript array or by modifying your RegEx:

(VPN connected[^\]]+\])(?![\s\S]*\1)

First of all, I think you want to capture each line of VPN connected separately:

VPN connected[^\]]+\]

This will start with "VPN connected" and stop at the next closing bracket.

Then I added a negative lookahead group (indicated by ?!). The group looks for any whitespace and non-whitespace followed by our first capturing group. The negative lookahead will ensure that we don't have another match after our first match. This results in our first match being the last occurrence :-)

Edit: Clarified explanation for the first capturing group

Edit2: Since you want to have the user, you can expand the RegEx to something like this:

(VPN connected: (\w+)[^\]]+\])(?![\s\S]*\1)

The user should be found in the second group.

Note: There might be some tweaking necessary based on the allowed characters in the user's name.
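
The answer's first option (take the last match from the result array), as an added example that is not part of the original answer: it anchors the pattern to a whole log line and still returns the most recent connection when the log contains different users. The sample log is constructed from the question's format, and the field names `target` and `label` are assumed names for the two values that follow the user.

```javascript
// Constructed sample in the question's log format (second user is made up).
const SAMPLE_LOG = [
  'Feb 04 12:59:21 info: VPN connected: admin @ 6051:abcdefgh [NB017]',
  'Feb 04 12:59:21 info: Connected to 123.123.123.123 (TLS)',
  'Feb 04 12:59:53 info: VPN disconnected: admin @ 6051:abcdefgh [NB017] (duration: 00:00:32)',
  'Feb 04 13:01:03 info: VPN connected: j.doe-ext @ 6051:abcdefgh [NB021]',
  'Feb 04 13:01:03 info: Data tunnel operational!',
  'Feb 04 13:50:06 info: VPN connected: admin @ 6051:abcdefgh [NB017]',
  'Feb 04 15:37:57 info: (Log Displayed)',
].join('\n');

// ^...$ with the m flag ties the match to one complete log line, so text
// embedded in another field cannot pass as a "VPN connected" entry.
// \S+ accepts user names with dots or dashes; \r? tolerates CRLF files.
const VPN_CONNECTED =
  /^(\w{3} \d{2} \d{2}:\d{2}:\d{2}) info: VPN connected: (\S+) @ (\S+) \[([^\]]+)\]\r?$/gm;

// Return every connection event in file order.
function parseConnections(logText) {
  return Array.from(logText.matchAll(VPN_CONNECTED), (m) => ({
    time: m[1],
    user: m[2],
    target: m[3], // assumed name for the value after "@"
    label: m[4],  // assumed name for the bracketed value
  }));
}

// Return the most recent connection, or null if the log has none.
function lastConnection(logText) {
  const all = parseConnections(logText);
  return all.length > 0 ? all[all.length - 1] : null;
}

const last = lastConnection(SAMPLE_LOG);
console.log(last ? `${last.time} ${last.user} [${last.label}]` : 'no connection found');
```
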
