# coding=utf8
# the above tag defines encoding for this document and is for Python 2.x compatibility
import re
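# Field-extraction pattern for RT_FLOW session log lines (see the samples in
# test_str). The pattern is split into adjacent raw-string pieces purely for
# readability; Python concatenates them into the same single pattern string.
#
# Review notes for anyone feeding the captured fields into detection or
# enrichment logic:
#   * The pattern is unanchored and re.finditer() silently skips any line that
#     does not fit, so a format change upstream shows up as missing events,
#     not as an error. Count unparsed lines in the consuming pipeline.
#   * The address groups use \d+ per octet and therefore accept values such as
#     999.1.1.1; validate captured addresses (e.g. with the ipaddress module)
#     before using them in lookups or block lists.
#   * srx_eventType ends in a greedy ".+", which runs to the end of the line
#     and backtracks to the last position where the rest still matches. It
#     gives the expected event names on the samples below; a narrower class
#     would fail faster on non-matching lines.
regex = (
    # Event name, then two words of free text ("session denied" / "session created").
    r"(?P<srx_eventType>RT_FLOW_.+):\s\w+\s\w+\s"
    # First address/port pair: source -> destination.
    r"(?P<srx_sourceIP>\d+\.\d+\.\d+\.\d+)\/(?P<srx_sourcePort>\d+)->"
    r"(?P<srx_destinationIP>\d+\.\d+\.\d+\.\d+)\/(?P<srx_destinationPort>\d+)\s0x0\s"
    # Application name, optionally followed by a "d(d)" token ("6(0)" in the deny sample).
    r"(?P<srx_Application>\S+)\s(?:\d\(\d\))?"
    # Optional second address/port pair, matched but not captured
    # (presumably the NAT-translated flow; confirm against the device documentation).
    r"(?:\d+\.\d+\.\d+\.\d+\/\d+->\d+\.\d+\.\d+\.\d+\/\d+\s0x0\s)?"
    # Run of "N/A" placeholders that may precede the NAT rule.
    r"(?:(?:N\/A\s)+)?"
    # Optional "<type> rule <name>" ("source", "static", "destination" in the samples).
    r"(?:(?P<srx_natType>[a-z]+)\srule\s(?P<srx_natRule>\S+)\s)?"
    # Run of "N/A" placeholders after the NAT rule, then an uncaptured number
    # (6 and 17 in the samples; presumably the IP protocol number).
    r"(?:(?:N\/A\s)+)?(?:\d+)?\s"
    # Policy name and the ingress / egress zones.
    r"(?P<srx_policyName>\S+)\s(?P<srx_zoneIn>\S+)\s(?P<srx_zoneOut>\S+)\s"
    # Uncaptured number (or "UNKNOWN UNKNOWN" on the deny line), then "N/A(N/A)".
    r"(?:(?:UNKNOWN UNKNOWN)|(?:\d+))\sN\/A\(N\/A\)\s"
    # Ingress interface. Anything after it (e.g. "policy deny") is not captured.
    r"(?P<srx_interfaceIn>\S+)"
)

# Sample log lines: one deny, one create without a NAT rule, and one create
# each with a source, static and destination NAT rule.
test_str = ("Jul 5 15:25:01 10.151.18.1 Jul 5 20:25:01 srx21 RT_FLOW: RT_FLOW_SESSION_DENY: session denied 136.62.186.217/62724->96.47.223.17/445 0x0 junos-smb-session 6(0) default-drop Outside DMZ UNKNOWN UNKNOWN N/A(N/A) reth0.0 UNKNOWN policy deny\n"
    "Jul 6 14:16:13 10.151.18.1 Jul 6 19:16:12 srx21 RT_FLOW: RT_FLOW_SESSION_CREATE: session created 10.151.10.61/48040->10.151.150.18/8080 0x0 None 10.151.10.61/48040->10.151.150.18/8080 0x0 N/A N/A N/A N/A 6 DMZ-Trust_any DMZ Trust 1858740 N/A(N/A) reth2.10 UNKNOWN UNKNOWN UNKNOWN\n"
    "Jul 6 14:16:13 10.151.18.1 Jul 6 19:16:12 srx21 RT_FLOW: RT_FLOW_SESSION_CREATE: session created 10.151.150.121/34954->209.239.233.7/443 0x0 junos-https 64.17.7.244/42525->209.239.233.7/443 0x0 source rule r1 N/A N/A 6 outside-access Trust Outside 1503483 N/A(N/A) reth1.190 UNKNOWN UNKNOWN UNKNOWN\n"
    "Jul 6 14:16:13 10.151.18.1 Jul 6 19:16:12 srx21 RT_FLOW: RT_FLOW_SESSION_CREATE: session created 73.152.202.193/47878->64.17.7.246/53 0x0 junos-dns-udp 73.152.202.193/47878->10.151.10.64/53 0x0 N/A N/A static rule external-dns 17 external-dns Outside DMZ 1200031 N/A(N/A) reth0.0 UNKNOWN UNKNOWN UNKNOWN\n"
    "Jul 6 17:10:13 10.151.18.1 Jul 6 22:10:12 srx21 RT_FLOW: RT_FLOW_SESSION_CREATE: session created 66.87.85.217/16879->96.47.221.72/443 0x0 junos-https 66.87.85.217/16879->10.151.10.66/443 0x0 N/A N/A destination rule websites-221 6 webtraffic-in Outside DMZ 931704 N/A(N/A) reth0.0 UNKNOWN UNKNOWN UNKNOWN\n")

matches = re.finditer(regex, test_str)

# The loop bodies must be nested as below; with every line at column 0 the
# script does not parse (IndentationError after the first "for").
for matchNum, match in enumerate(matches, start=1):
    print("Match {matchNum} was found at {start}-{end}: {match}".format(
        matchNum=matchNum, start=match.start(), end=match.end(), match=match.group()))

    # Groups are numbered from 1. An optional group that did not take part in
    # the match (e.g. srx_natType on a line without a NAT rule) reports
    # start/end -1 and value None.
    for groupNum in range(1, len(match.groups()) + 1):
        print("Group {groupNum} found at {start}-{end}: {group}".format(
            groupNum=groupNum, start=match.start(groupNum),
            end=match.end(groupNum), group=match.group(groupNum)))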
# Note: for Python 2.7 compatibility, use ur"" to prefix the regex and u"" to prefix the test string and substitution.