What regex expression is best for extracting windows file name and file path?
Question
Create a single regex to extract the two parts of 'New Process Name' as file_path and file_name. Note that in this example:
Process Information:
New Process ID: 0x8609
New Process Name: C:\Windows\System32\example_c.exe
New Process Name: D:\Intel\Logs\User\Tom Warner\logs.txt
- there are two directories
- the file is in the C drive and none of the directory names or file name contains a space
However, other log samples could have any arbitrary number of file paths within any letter drive. And in Windows, directory and file names are allowed to contain spaces and can be encapsulated in quotes. Ensure your regex could capture any of these cases.
This is the expression I've come up with. I'm able to match the file_path, but I'm not having any luck matching the file_name. What is the expression should be used to match both file_name and file_path
New Process Name:\t+(?<file_path>\w:*[\\\S|*\S]?.*$).*?(?<file_name>[\w-]+?(?=\.))
1 answers
solution1
0 2019-03-21 21:42:29
New Process Name:\t+(?<file_path>\w:.*?)(?<file_name>[^\\]+)$
(?<file_path>\\w:.*? Creates the group name file_path
\\w: matches the drive letter. Windows drive paths are usually letters
.*? Matches everything after the drive letter
(?<file_name>[^\\\\]+)$ creates the group name file_name [^\\\\]+ means not equal to \\ which allows the regex to take in all of the information until it sees the last \\
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.