I need to extract an IP address from a log message to identify the cause of the issue.
I am using this complex event processing from dataanalytics360.com
The current system is having a regex to extract the ipv4 address which is
^.* (([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})) .*$
What should be the regex to extract an ipv6 address. I need to extract the hexadecimals but when I saw examples it shows something in "/" formats also. what does the "/" signify.
Any help appreciated.
Thanks Chris
Try out these 4 options
you will have to write them one by one.. and which ever regex matches .. it will yield the extracted values. you can write them all in a single parsing rule or create separate rule for each match
strIPv6Pattern = "\A(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}\z"
strIPv6Pattern_HEXCompressed = "\A((?:[0-9A-Fa-f]{1,4}(?::[0-9A-Fa-f]{1,4}))?)::((?:[0-9A-Fa-f]{1,4}(?::[0-9A-Fa-f]{1,4}))?)\z"
StrIPv6Pattern_6Hex4Dec = "\A((?:[0-9A-Fa-f]{1,4}:){6,6})(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}\z"
StrIPv6Pattern_Hex4DecCompressed = "\A((?:[0-9A-Fa-f]{1,4}(?::[0-9A-Fa-f]{1,4}))?) ::((?:[0-9A-Fa-f]{1,4}:))(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}\z"