Extract the Source IP Address from two different log samples with regex
Question
I have a regular expression as follows:
"id.resp_h"|"rx_hosts":(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}),
I am trying to extract the Source IP Address from two different log samples. "id.orig_h" and "tx_hosts" are two different fields for Source IP. How do i ignore the speech marks and square brackets? i just want extract the IP addresses
schema_id=17127524534057985804:skip_writers="":{"_path":"conn","_system_name":"hostname","_write_ts":"2020-01-12T22:09:28.853417Z","ts":"2020-01-12T22:07:14.642074Z","uid":"Cm4cbmvRjlmd2I52c","id.orig_h":"192.168.1.1","id.orig_p":xxx,"id.resp_h":"192.168.1.2","id.resp_p":xxx,"proto":"udp",
schema_id=17223896091372211545:skip_writers="":{"_path":"files","_system_name":"Hostname","_write_ts":"2020-01-12T22:09:00.016260Z","ts":"2020-01-12T22:07:14.108217Z","fuid":"FnmzOv3Fkhr8lP0qL","tx_hosts":["192.168.1.1","192.168.1.1"],"rx_hosts":["192.168.1.10"],
Any help would be gratefully appreciated :-)
Thanks, JM
1 answers
solution1
0 ACCPTED 2020-01-19 09:53:47
Try this if you want to solve it with regex:
(?:"id.resp_h"["[:] |"rx_hosts"["[:] )(\\d{1,3}.\\d{1,3}.\\d{1,3}.\\d{1,3})
See here
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Extract IP address from ipconfig using Regex
Extract ip address from a string using regex
Extract Source IP from log files
Regex to extract capture groups from two different log entries
How to use python regex to extract IP address from server log files?
regex - extract website address from log file
Extract second last IP address from a list of IP using RegEx
Regex to extract first two octets of IP address in hive
Regex: how to extract only first IP address from string (in Python)
Simple Java regex to extract IP address and port from enclosing string
Related Tags