// include the latest version of the regex crate in your Cargo.toml
extern crate regex;
use regex::Regex;
fn main() {
let regex = Regex::new(r#"(?P<date>\S{3}\s\d{1,3}\s\d{2}\:\d{2}\:\d{2})\s(?P<device>\S+)\s\S\=(?P<src>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\:\s\S\=\"(?P<user>.*?)\"\s\S\=\d+\s\S\=\S\s\S\=\d+\s\S\=\d+\s\S+\=\d\s\S{1,3}\=.*?type=\".*?\"\s.*?meth=(?P<type>\S+)\s\S+\=\"(?P<url>.*?)\"\s\S{2}\=\"(?P<agent>.*?)\"\s\S{1,3}\=\"(?P<url2>.*?)dom\=\"(?P<domain>.*?)\".*?target_ip\=\"(?P<dest>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\".*"#).unwrap();
let string = "Oct 18 06:27:03 WS2000.wnins.com h=172.16.20.74: u=\"WNINS\\\\rehetzel\" s=200 X=+ t=1445149621 T=44767 Ts=0 act=1 cat=\"0x2200000008\" app=\"-\" rsn=- threat=\"-\" type=\"image/jpeg\" ctype=\"image/jpeg\" sav-ev=- sav-dv=- uri-dv=- cache=- in=471 out=990 meth=GET ref=\"http://www.techrepublic.com/blog/the-enterprise-cloud/how-do-i-assign-permissions-to-users-to-see-sql-agent-jobs/\" ua=\"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.99 Safari/537.36\" req=\"GET http://d.pzkysq.pink/5ET3nslK.jpg?z=715211411411 HTTP/1.1\" dom=\"pzkysq.pink\" filetype=\"-\" rule=\"0\" filesize=518 axtime=0.000455 fttime=0.000043 scantime=- src_cat=\"0x2000000008\" labs_cat=\"0x2000000008\" dcat_prox=\"-\" target_ip=\"204.93.43.48\" labs_rule_id=\"0\" reqtime=0.000 adtime=0.000000 ftbypass=- os=Windows authn=17 auth_by=ntlm dnstime=0.000009 quotatime=-";
let substitution = "";
// result will be a String with the substituted value
let result = regex.replace(string, substitution);
println!("{}", result);
}
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Rust, please visit: https://docs.rs/regex/latest/regex/