Hello I have the below sample events
Thu Sep 5 10:00:02 EDT 2019 XDB EXPIRED & LOCKED 28-SEP-11 CTXAPP
Thu Sep 5 10:00:02 EDT 2019 VWEinsnte3345 LOCKED GPW_READ
I want to extract XDB , VWEinsnte3345 AS USERNAME and EXPIRED & LOCKED , LOCKED as status , 28-SEP-11 as expiry date(this field is not there for all events) and CTXAPP , GPW_READ as ROLE
Below is the regex I am using but this is only extracting for event 2
EDT\s\d*\s(?[^\s]+)\s*(?[^ ]+)\s*(?[^ ]+)
Thanks in advance
↧