Regular Expressions 101

Save & Share

Flavor

  • PCRE2 (PHP >=7.3)
  • PCRE (PHP <7.3)
  • ECMAScript (JavaScript)
  • Python
  • Golang
  • Java 8
  • .NET 7.0 (C#)
  • Rust
  • Regex Flavor Guide

Function

  • Match
  • Substitution
  • List
  • Unit Tests

Tools

Sponsors
There are currently no sponsors. Become a sponsor today!
An explanation of your regex will be automatically generated as you type.
Detailed match information will be displayed here automatically.
  • All Tokens
  • Common Tokens
  • General Tokens
  • Anchors
  • Meta Sequences
  • Quantifiers
  • Group Constructs
  • Character Classes
  • Flags/Modifiers
  • Substitution
  • A single character of: a, b or c
    [abc]
  • A character except: a, b or c
    [^abc]
  • A character in the range: a-z
    [a-z]
  • A character not in the range: a-z
    [^a-z]
  • A character in the range: a-z or A-Z
    [a-zA-Z]
  • Any single character
    .
  • Alternate - match either a or b
    a|b
  • Any whitespace character
    \s
  • Any non-whitespace character
    \S
  • Any digit
    \d
  • Any non-digit
    \D
  • Any word character
    \w
  • Any non-word character
    \W
  • Non-capturing group
    (?:...)
  • Capturing group
    (...)
  • Zero or one of a
    a?
  • Zero or more of a
    a*
  • One or more of a
    a+
  • Exactly 3 of a
    a{3}
  • 3 or more of a
    a{3,}
  • Between 3 and 6 of a
    a{3,6}
  • Start of string
    ^
  • End of string
    $
  • A word boundary
    \b
  • Non-word boundary
    \B

Regular Expression
No Match

r"
"
gm

Test String

Code Generator

Language

Generated Code

import Foundation let pattern = #"(?P<FechayHora>(?:20[0-9]{2}-[0-1]\d-[0-2]\d)\s(?:(?:[0-1]\d|2[0-3]):){2}(?:[0-1]\d|2[0-3]))(?:,|\s)(?P<LogLevel>(?:\w*\.?\w*))(?:,|\s)(?P<Hostname>(?:\d{1,3}\.){3}\d{1,3}|(?:\w*\.cerrey\.com\.mx))(?:,|\s)(?P<mensaje>\"?[\w\s:,\[\]()/-]*\"?)"# let regex = try! NSRegularExpression(pattern: pattern, options: .anchorsMatchLines) let testString = #""" 2023-05-21 00:00:00,Daemon.Info,172.16.1.247,May 21 00:40:01 flex3 systemd: Created slice User Slice of root. 2023-05-21 00:00:00,Daemon.Info,MTYDC02.cerrey.com.mx,May 21 00:40:01 flex3 systemd: Starting User Slice of root. 2023-05-21 00:00:00,Daemon.Info,172.16.1.247,May 21 00:40:01 flex3 systemd: Started Session 2782 of user root. 2023-05-21 00:00:00,Daemon.Info,172.16.1.247,May 21 00:40:01 flex3 systemd: Starting Session 2782 of user root. 2023-05-21 00:00:00,Cron.Info,172.16.1.247,May 21 00:40:01 flex3 CROND[23978]: (root) CMD (/usr/lib64/sa/sa1 1 1) 2023-05-21 00:00:00,Daemon.Info,172.16.1.247,May 21 00:40:01 flex3 systemd: Removed slice User Slice of root. 2023-05-21 00:00:00,Daemon.Info,172.16.1.247,May 21 00:40:01 flex3 systemd: Stopping User Slice of root. 2023-05-21 00:00:01,System3.Critical,MTYSYSLOG.cerrey.com.mx,may 21 00:00:01 MTYSYSLOG.cerrey.com.mx MSWinEventLog 2 Security 10337 dom may 21 00:00:00 2023 4673 Microsoft-Windows-Security-Auditing N/A Audit Failure MTYSYSLOG.cerrey.com.mx 13056 A privileged service was called. Subject: Security ID: S-1-5-19 Account Name: LOCAL SERVICE Account Domain: NT AUTHORITY Logon ID: 0x3E5 Service: Server: Security Service Name: - Process: Process ID: 0x1f1c Process Name: C:\Windows\System32\svchost.exe Service Request Information: Privileges: SeProfileSingleProcessPrivilege 2023-05-21 00:00:01,System3.Critical,MTYSYSLOG.cerrey.com.mx,may 21 00:00:01 MTYSYSLOG.cerrey.com.mx MSWinEventLog 2 Security 10338 dom may 21 00:00:00 2023 4673 Microsoft-Windows-Security-Auditing N/A Audit Failure MTYSYSLOG.cerrey.com.mx 13056 A privileged service was called. Subject: Security ID: S-1-5-19 Account Name: LOCAL SERVICE Account Domain: NT AUTHORITY Logon ID: 0x3E5 Service: Server: Security Service Name: - Process: Process ID: 0x1f1c Process Name: C:\Windows\System32\svchost.exe Service Request Information: Privileges: SeProfileSingleProcessPrivilege 2023-05-21 00:00:01,System4.Notice,MTYSPDB2.cerrey.com.mx,may 21 00:00:01 MTYSPDB2.cerrey.com.mx MSWinEventLog 5 Security 105034 dom may 21 00:00:00 2023 4672 Microsoft-Windows-Security-Auditing N/A Audit Success MTYSPDB2.cerrey.com.mx 12548 Special privileges assigned to new logon. Subject: Security ID: S-1-5-21-1430283757-1547701557-1542849698-18847 Account Name: SP_Farm Account Domain: CERREY Logon ID: 0x592C221 Privileges: SeSecurityPrivilege SeBackupPrivilege SeRestorePrivilege SeTakeOwnershipPrivilege SeDebugPrivilege SeSystemEnvironmentPrivilege SeLoadDriverPrivilege SeImpersonatePrivilege SeDelegateSessionUserImpersonatePrivilege 2023-05-21 00:00:01,System4.Notice,MTYSPDB2.cerrey.com.mx,"may 21 00:00:01 MTYSPDB2.cerrey.com.mx MSWinEventLog 5 Security 105035 dom may 21 00:00:00 2023 4624 Microsoft-Windows-Security-Auditing N/A Audit Success MTYSPDB2.cerrey.com.mx 12544 An account was successfully logged on. Subject: Security ID: S-1-0-0 Account Name: - Account Domain: - Logon ID: 0x0 Logon Information: Logon Type: 3 Restricted Admin Mode: - Virtual Account: No Elevated Token: Yes Impersonation Level: Impersonation New Logon: Security ID: S-1-5-21-1430283757-1547701557-1542849698-18847 Account Name: SP_Farm Account Domain: CERREY.COM.MX Logon ID: 0x592C221 Linked Logon ID: 0x0 Network Account Name: - Network Account Domain: - Logon GUID: {fc043bcf-045d-fc8b-47dd-711370b096cf} Process Information: Process ID: 0x0 Process Name: - Network Information: Workstation Name: - Source Network Address: - Source Port: - Detailed Authentication Information: Logon Process: Kerberos Authentication Package: Kerberos Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon session is created. It is generated on the computer that was accessed. The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network). The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on. The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases. The impersonation level field indicates the extent to which a process in the logon session can impersonate. The authentication information fields provide detailed information about this specific logon request. - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event. - Transited services indicate which intermediate services have participated in this logon request. - Package name indicates which sub-protocol was used among the NTLM protocols. - Key length indicates the length of the generated session key. This will be 0 if no session key was requested." """# let stringRange = NSRange(location: 0, length: testString.utf16.count) let matches = regex.matches(in: testString, range: stringRange) var result: [[String]] = [] for match in matches { var groups: [String] = [] for rangeIndex in 1 ..< match.numberOfRanges { let nsRange = match.range(at: rangeIndex) guard !NSEqualRanges(nsRange, NSMakeRange(NSNotFound, 0)) else { continue } let string = (testString as NSString).substring(with: nsRange) groups.append(string) } if !groups.isEmpty { result.append(groups) } } print(result)

Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Swift 5.2, please visit: https://developer.apple.com/documentation/foundation/nsregularexpression