import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class Example {
public static void main(String[] args) {
final String regex = "<AUDT:INFO>.(?<date>\\d+.\\d+.\\d+) (?:\\d+:\\d+:\\d+) (?:\\d+.\\d+.\\d+.\\d+) (?:.*(?<subject>Failed 'Active Directory' login attempt)(?:.\\w+.\\w+)(?<impacteduser>.*?'\\W))\\w+.\\w+.\\w+.\\w+.'(?<sip>.\\d+.\\d+.\\d+.\\d+)'";
final String string = "08 20 2020 11:18:08 10.72.1.17 <AUDT:INFO> 2020-08-20 11:17:12 10.72.1.17 Passwordstate: Failed 'Active Directory' login attempt for UserID 'fakedoamin\\FakeUser' from the IP Address '10.72.1.231'. Possible incorrect Username or Password, or this could also be caused by restricted Logon Hours in Active Directory. Client IP Address = 10.72.1.231\n\n"
+ "08 21 2020 08:32:25 10.72.1.17 <AUDT:INFO> 2020-08-21 08:31:58 10.72.1.17 Passwordstate: Successful Active Directory login for UserID 'fakedoamin\\FakeUser' from the IP Address '10.72.1.17'. Client IP Address = 10.14.1.93\n\n";
final Pattern pattern = Pattern.compile(regex, Pattern.MULTILINE);
final Matcher matcher = pattern.matcher(string);
while (matcher.find()) {
System.out.println("Full match: " + matcher.group(0));
for (int i = 1; i <= matcher.groupCount(); i++) {
System.out.println("Group " + i + ": " + matcher.group(i));
}
}
}
}
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Java, please visit: https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html