Here is the regex that I have:
^\(\d+\)\s+\d+/\d+/\d+\s+\d+:\d+:\d+\s+\w+\s+\-\s+\(\w+\s+\w+\s+\w+\)\s+\(\d+\.\d+\.\d+\.\d+\)>\s+\w+\s+\w+\s+\w+\s+\d+,\s+\w+\s+\w+\s+\w+\.\.\.\s+\(\d+\)\s+\d+/\d+/\d+\s+\d+:\d+:\d+\s+\w+\s+\-\s+\(\w+\s+\w+\s+\w+\)\s+\(\d+\.\d+\.\d+\.\d+\)>\s+\w+\s+(?P\w+)
I am trying to pick up the user name from this detail
(000019) 6/3/2016 16:01:02 PM - (not logged in) (xx.xxx.xxx.xxx)> Connected on port 7001, sending welcome message...
(000019) 6/3/2016 16:01:27 PM - (not logged in) (xx.xxx.xxx.xxx)> USER CED\-nastot-coastallogic
and I have users like this in the same log
(000020) 6/3/2016 16:01:02 PM - (not logged in) (xx.xxx.xxx.xxx)> Connected on port 7001, sending welcome message...
(000019) 6/3/2016 16:01:27 PM - (not logged in) (xx.xxx.xxx.xxx)> USER aa123
My regex will pick up the second user, but will not pick up the first. I only get CED. Can someone show me what needs to be added or removed to pickup both users? I don't mind if the user includes the `CED\` with the full name.
↧