The following is the regex I am working on and what I'm trying to do is exclude any username events that ends with "ZLX" but I doubt that If I am following the right syntax. especially I am not sure if I can use "!" for excluding.
REGEX = (logtype::A.*(id::(123|456)|(id::789.*username**!**::[a-zA-Z]{2,3}-+.*?-ZLX))
↧