Sign in to follow this  
Followers 0
SpotCheckBilly

Some New Questions

15 posts in this topic

Hey all,

Still working on the same project as >>Here<<. I'm starting a new thread because last time I checked my subscriptions there was a notice saying that they are trimmed if there is no reply after 30 days. Wasn't sure of the protocol in such cases but I figured the moderators would let me know and either merge the topics or delete one of them.

At any rate, a friend of mine at one of the security forums I work at helped me complete the coding that GEOSoft was kind enough to help me get started (thanks again George). In addition to the Paste function, I have since added the Copy line(s) from the list box to the clipboard, the Save As..., clear line(s) (Clear button) and Close Log. Here's the updated code:

;#AutoIt3Wrapper_Au3Check_Parameters=-d -w 1 -w 2 -w 3 -w 4 -w 5 -w 6
#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <ListBoxConstants.au3>
#include <WindowsConstants.au3>
#include <file.au3>
#include <GuiListBox.au3>
#include <Misc.au3>
#include <String.au3>
#include <EditConstants.au3>
#include <Clipboard.au3>
#include<Array.au3>

Opt("GUIOnEventMode", 1)
#Region ### START Koda GUI section ### Form=
$Main = GUICreate("DB Scanner", 641, 443)
GUISetFont(10, 400, 0, "Tahoma")
GUISetOnEvent($GUI_EVENT_CLOSE, "MainClose")
GUISetOnEvent($GUI_EVENT_MINIMIZE, "MainMinimize")
GUISetOnEvent($GUI_EVENT_MAXIMIZE, "MainMaximize")
GUISetOnEvent($GUI_EVENT_RESTORE, "MainRestore")
$Scan = GUICtrlCreateButton("Scan", 28, 359, 90, 35, 0)
GUICtrlSetFont(-1, 14, 400, 0, "Tahoma")
GUICtrlSetOnEvent(-1, "ScanClick")
GUICtrlSetTip(-1, "Scans Database for items in current Log")
$Add = GUICtrlCreateButton("Add", 185, 368, 75, 25, 0)
GUICtrlSetFont(-1, 12, 400, 0, "Tahoma")
GUICtrlSetOnEvent(-1, "AddClick")
GUICtrlSetTip(-1, "Add selection to Database")
$Clear = GUICtrlCreateButton("Clear", 302, 369, 75, 25, 0)
GUICtrlSetFont(-1, 12, 400, 0, "Tahoma")
GUICtrlSetOnEvent(-1, "ClearClick")
GUICtrlSetTip(-1, "Clears selected line")
$Button4 = GUICtrlCreateButton("Create Solution", 451, 360, 150, 35, 0)
GUICtrlSetFont(-1, 14, 400, 0, "Tahoma")
GUICtrlSetOnEvent(-1, "Button4Click")
GUICtrlSetTip(-1, "Generates Formatted Post")
$List1 = GUICtrlCreateList("", 4, 14, 625, 326, BitOR($WS_BORDER, $LBS_NOTIFY, $LBS_DISABLENOSCROLL, $LBS_MULTIPLESEL, $LBS_HASSTRINGS, $WS_HSCROLL, $WS_VSCROLL))
GUICtrlSetBkColor(-1, 0xFFFBF0)
GUICtrlSetFont(-1, 12, 400, 0, "Tahoma")
GUICtrlSetOnEvent(-1, "List1Click")
$Log1 = GUICtrlCreateMenu("&Log")
GUICtrlSetOnEvent(-1, "Log1Click")
$Open = GUICtrlCreateMenuItem("Open (Ctrl+O)", $Log1)
GUICtrlSetOnEvent(-1, "OpenClick")
$Save = GUICtrlCreateMenuItem("Save (Ctrl+S)", $Log1)
GUICtrlSetOnEvent(-1, "SaveClick")
$SavAS = GUICtrlCreateMenuItem("Save As...", $Log1)
GUICtrlSetOnEvent(-1, "SavAsClick")
$Close = GUICtrlCreateMenuItem("Close Log", $Log1)
GUICtrlSetOnEvent(-1, "CloseClick")
$MenuItem1 = GUICtrlCreateMenuItem("Exit", $Log1)
GUICtrlSetOnEvent(-1, "MenuItem1Click")
$Edit = GUICtrlCreateMenu("&Edit")
GUICtrlSetOnEvent(-1, "EditClick")
$Copy = GUICtrlCreateMenuItem("Copy (Ctrl+C)", $Edit)
GUICtrlSetOnEvent(-1, "CopyClick")
$Paste = GUICtrlCreateMenuItem("Paste (Ctrl+V)", $Edit)
GUICtrlSetOnEvent(-1, "PasteClick")
$Delete = GUICtrlCreateMenuItem("Delete (Del)", $Edit)
GUICtrlSetOnEvent(-1, "DeleteClick")
$Database = GUICtrlCreateMenu("&Database")
GUICtrlSetOnEvent(-1, "DatabaseClick")
$Update = GUICtrlCreateMenuItem("Update Database", $Database)
GUICtrlSetOnEvent(-1, "UpdateClick")
$Solution = GUICtrlCreateMenu("&Solution")
GUICtrlSetOnEvent(-1, "Solutionclick")
$CREditor = GUICtrlCreateMenuItem("Cannes Fix Editor", $Solution)
GUICtrlSetOnEvent(-1, "CREditorClick")
$Translator = GUICtrlCreateMenuItem("Translator", $Solution)
GUICtrlSetOnEvent(-1, "TranslatorClick")
$Help = GUICtrlCreateMenu("&Help")
GUICtrlSetOnEvent(-1, "HelpClick")
$MenuItem2 = GUICtrlCreateMenuItem("Help Topics", $Help)
GUICtrlSetOnEvent(-1, "MenuItem2Click")
$About = GUICtrlCreateMenuItem("About DB Scanner", $Help)
GUICtrlSetOnEvent(-1, "AboutClick")
$List1context = GUICtrlCreateContextMenu($List1)
$Cop = GUICtrlCreateMenuItem("Copy Ctrl+C", $List1context)
GUICtrlSetOnEvent(-1, "CopClick")
$Past = GUICtrlCreateMenuItem("Paste Ctrl+V", $List1context)
GUICtrlSetOnEvent(-1, "PastClick")
$Google = GUICtrlCreateMenuItem("Google Ctrl+G", $List1context)
GUICtrlSetOnEvent(-1, "GoogleClick")
GUISetState(@SW_SHOW)
Dim $Main_AccelTable[8][2] = [["^o", $Open],["^s", $Save],["^c", $Copy],["^v", $Paste],["{DEL}", $Delete],["^c", $Cop],["^v", $Past],["^g", $Google]]
GUISetAccelerators($Main_AccelTable)
#EndRegion ### END Koda GUI section ###

While 1
    Sleep(100)
WEnd

Func ScanClick()

EndFunc   ;==>ScanClick
Func AboutClick()
    
EndFunc   ;==>AboutClick
Func AddClick()

EndFunc   ;==>AddClick
Func Button4Click()

EndFunc   ;==>Button4Click
Func ClearClick()
    Local $iIndex
    $hListbox = $List1
    $iIndex = _GUICtrlListBox_GetCurSel($hListbox)
    _GUICtrlListBox_DeleteString($hListbox, $iIndex)
EndFunc   ;==>ClearClick

Func CloseClick()
    GUICtrlSendMsg(7, $LB_RESETCONTENT, 0, 0)
EndFunc   ;==>CloseClick
Func CopClick()
    Local $aItems, $sItems
    $hListbox = $List1
    $aItems = _GUICtrlListBox_GetSelItemsText($hListbox)
    For $iI = 1 To $aItems[0]
        $sItems &= @LF & $aItems[$iI]
    Next
    ClipPut($sItems)
EndFunc   ;==>CopClick
Func CopyClick()

EndFunc   ;==>CopyClick
Func CREditorClick()

EndFunc   ;==>CREditorClick
Func DatabaseClick()

EndFunc   ;==>DatabaseClick
Func DeleteClick()

EndFunc   ;==>DeleteClick
Func EditClick()

EndFunc   ;==>EditClick
Func GoogleClick()

EndFunc   ;==>GoogleClick
Func HelpClick()

EndFunc   ;==>HelpClick
Func List1Click()

EndFunc   ;==>List1Click
Func Log1Click()

EndFunc   ;==>Log1Click
Func MainClose()
    Exit
EndFunc   ;==>MainClose
Func MainMaximize()

EndFunc   ;==>MainMaximize
Func MainMinimize()

EndFunc   ;==>MainMinimize
Func MainRestore()

EndFunc   ;==>MainRestore
Func MenuItem1Click()
    Exit
EndFunc   ;==>MenuItem1Click
Func MenuItem2Click()

EndFunc   ;==>MenuItem2Click

Func OpenClick()
    Dim $aRecords
    $hListbox = $List1
    $handle = FileOpenDialog("", @WorkingDir, "Text Files (*.log; *.txt)")

    If Not _FileReadToArray($handle, $aRecords) Then
        MsgBox(4096, "Error", " Error reading log to Array     error:" & @error)
        Exit
    EndIf

    ; Add strings
    _GUICtrlListBox_BeginUpdate($hListbox)
    For $x = 1 To $aRecords[0]
        _GUICtrlListBox_AddString($hListbox, $aRecords[$x] & @CR)
    Next

    _GUICtrlListBox_UpdateHScroll($hListbox)
    _GUICtrlListBox_EndUpdate($hListbox)
EndFunc   ;==>OpenClick

Func PastClick()
    Dim $text, $aArray, $sStr
    $hListbox = $List1
    $text = ClipGet()
    $sStr = StringReplace(StringReplace($text, @CRLF, @LF), @CR, @LF)
    $aArray = StringSplit($sStr, @LF)
    _GUICtrlListBox_BeginUpdate($hListbox)
    For $i = 1 To $aArray[0]
        _GUICtrlListBox_AddString($hListbox, $aArray[$i] & @CR)
    Next
    _GUICtrlListBox_UpdateHScroll($hListbox)
    _GUICtrlListBox_EndUpdate($hListbox)
EndFunc   ;==>PastClick
Func PasteClick()
    Dim $text, $aArray, $sStr
    $hListbox = $List1
    $text = ClipGet()
    $sStr = StringReplace(StringReplace($text, @CRLF, @LF), @CR, @LF)
    $aArray = StringSplit($sStr, @LF)
    _GUICtrlListBox_BeginUpdate($hListbox)
    For $i = 1 To $aArray[0]
        _GUICtrlListBox_AddString($hListbox, $aArray[$i] & @CR)
    Next
    _GUICtrlListBox_UpdateHScroll($hListbox)
    _GUICtrlListBox_EndUpdate($hListbox)
EndFunc   ;==>PasteClick
Func SavAsClick()
    Local $aItems
    $count = _GUICtrlListBox_GetCount(7) - 1
    $Read1 = ""
    For $i = 0 To $count
        $Read1 = $Read1 & _GUICtrlListBox_GetText(7, $i) & @CRLF
    Next
    $var = FileSaveDialog("", @WorkingDir, "Text Files (*.log; *.txt)", 2)
    If StringRight($var, 4) <> ".txt" Then
        If StringRight($var, 4) <> ".log" Then
            $var = $var & ".txt"
        EndIf
    EndIf
    FileOpen($var, 2)
    FileWrite($var, $Read1)
    FileClose($var)
EndFunc   ;==>SavAsClick
Func SaveClick()

EndFunc   ;==>SaveClick
Func Solutionclick()

EndFunc   ;==>Solutionclick
Func TranslatorClick()

EndFunc   ;==>TranslatorClick
Func UpdateClick()

EndFunc   ;==>UpdateClick

What I'm working on now is extracting certain parts of the string from a line in the list box for use in a Google search function. So for instance this line:

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

Would be sent to the Google search box as:

"761497BB-D6F0-462C-B6EB-D4DAF1D92D43" (TAB key) "ssv.dll"

So far I have come up with this (I just plugged it into an empty function to see if it worked):

Local $aItems, $sItems
    $hListbox = $List1
    $aItems = _GUICtrlListBox_GetSelItemsText($hListbox)
    For $iI = 1 To $aItems[0]
        $sItems &= @LF & $aItems[$iI]
    Next
Local $array, $var1, $var2, $Clip
$array=_StringBetween($sItems, "{", "}")
$var1=_ArrayToString($array, @LF)
$array=_StringBetween($sItems, (StringRight($sItems,0)), "\")
$var2=_ArrayToString($array, @LF)
$Clip=StringFormat("""%s""", $var1, $var2)
Clipput($Clip)

The first line displays properly as "CLSID", but I haven't been able to figure out the code to read from the right end of the line to the first "\". In other words, the file name. That's the first part of the problem. The second is, each section of the log has to be parsed differently. For instance, this section:

O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

We need to be "ISUSScheduler" (TAB key) "issch.exe".

I tried using If StringLeft(sItems, 4)="O2 -" Then $array=_StringBetween($sItems, "{", "}")

EndIf

For the first example, but that didn't work. I know I must be fairly close but once again they seem to be hitting the post. It will really be cool to get this part finished because that will pretty much take care of the line/file function and I can start working on the database section of the program. Once I get that section finished, I think it will be pretty much downhill from there. In other words, I will have finished my very first scripted program.

Thanks in advance for any pointers or suggestions. They and all ideas are gratefully appreciated. -- SCB


[font="Tahoma"]"I was worried 'bout rich and skinny, 'til I wound up poor and fat."-- Delbert McClinton[/font]

Share this post


Link to post
Share on other sites



To read from the right use stringinstr() function and use negative numbers for the occurrence parameter. something like this -

$string = 'O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start' 
$pos = StringInStr($string, '\', 0, -1) 
$newstring = StringTrimLeft($string, $pos) 
MsgBox(0,'',$newstring)

Share this post


Link to post
Share on other sites

Dim $aStr[2] = ['O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll', _
                'O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start']

Dim $sPatt = '(?=[[{])[{[]([^{[]*)[\]}].*\\([^\Q\/:*?"<>|\E]*)'
Dim $aMatch

For $i = 0 To 1
    $aMatch = StringRegExp($aStr[$i], $sPatt, 3)
    
    If UBound($aMatch) = 2 Then
        ConsoleWrite('"' & $aMatch[0] & '"' & @TAB & '"' & $aMatch[1] & '"' & @LF)
    EndIf
Next

Share this post


Link to post
Share on other sites

Thanks so much for the responses. Both of them are very helpful.

@bchris01 -- Very clever. Looks like I need to do more studying. I had come to the conclusion that I would have to trim the line from the left but completely missed how to get there. It would seem that I have yet to fully grasp the concept of "you have to tell it (the computer) step by step exactly what to do." I still don't break things down far enough.

@Authenticity -- Your code works just like I wanted. I understand how all of it works but you lost me completely at the pattern ($sPatt). I went to the webpage that is linked in the AutoIt help file and left even more confused than when I started. The references to two different programs (or two different versions of the same program, whichever), and how the different characters meant different things depending on whether this program (function?) or that program (function?) was being used did not make things any more clear.

There are actually several more line formats that I will need to include before and finished with that section and since I can see how StringRegExp is a very handy function, I should really get a handle on how to create the patterns. If you have any websites that use or have used to learn how to do them, I would appreciate the links.

Thanks once again and I hope that it won't be more than 30 days until I can come back with an update. -- SCB :):)


[font="Tahoma"]"I was worried 'bout rich and skinny, 'til I wound up poor and fat."-- Delbert McClinton[/font]

Share this post


Link to post
Share on other sites

Here's a pretty good guide to get you started with RegExp. Link

Share this post


Link to post
Share on other sites

http://www.regular-expressions.info/index.html

I've found the book "Mastering Regular Expression" to be truly a bible of a kind, because the writer has been working on a version and suggestions to many Regular Expression flavors such as Perl's or PHP's and has participate in the overall revolution of the engine. He knows what he's talking about.

Share this post


Link to post
Share on other sites

Thanks for the links -- both of them. I sort of got the impression that that Regular Expressions function was pretty important because I see it all the time while researching. This Google search function is one of the most important of the entire project. The log files that I'm analyzing each display the same information with slightly different formats so being able to extract the pertinent information for the Google search will make my life much easier.

This project is pretty ambitious for a total rookie which is why I ask what may seem to be questions that I should know the answers to (or at least have the background to answer them).

@Authenticity -- thanks for the book reference. The problem (and what started this whole project in the first place) is that due to complications of diabetes, I have macular degeneration, my vision is very poor. I'm unable to read the type size in virtually any book. Even online I have to crank the font size up to the point where I need to do lots of horizontal scrolling. This makes reading the diagnostic log files that were used in security work very tiring. When my project is finished the only things that I will need to read will be entries not contained in the database I am searching. These will be the lines that I Google.

At any rate, thanks again for the links. I'm sure the information contained in them will help me complete my recognition pattern although I'm pretty sure I'll also be back with more questions. -- SCB :)


[font="Tahoma"]"I was worried 'bout rich and skinny, 'til I wound up poor and fat."-- Delbert McClinton[/font]

Share this post


Link to post
Share on other sites

I was just reading the tutorial located >>Here<<. I went ahead and DL'd StrRegExpGUI.au3 but it doesn't work. It errors out possibly because it was written for an earlier version of AutoIt? So I'm wondering if there is an updated version available. Or perhaps someone could tell me why it's not working. Either way would be great. It looks like it would be a very helpful tool. Perhaps there is another, similar tool available.

Thanks a lot in advance. -- SCB


[font="Tahoma"]"I was worried 'bout rich and skinny, 'til I wound up poor and fat."-- Delbert McClinton[/font]

Share this post


Link to post
Share on other sites

Remove the Opt line, this option doesn't exist (anymore...) and add the following includes at the header:

#include <EditConstants.au3>
#include <WindowsConstants.au3>

Share this post


Link to post
Share on other sites

Thanks Authenticity. Now it works. I also found a program online called RegExpBuddy. I figured it would be a worthwhile investment since (at least in AutoIt) regular expressions seem to be something that is used a lot. It also looks like it's used in Visual Basic as well. I expect that as long as I continue learning about programming this sort of tool would be very handy. Have you heard of it?


[font="Tahoma"]"I was worried 'bout rich and skinny, 'til I wound up poor and fat."-- Delbert McClinton[/font]

Share this post


Link to post
Share on other sites

Nope. If something is not traversing the expression in the way I've innocently expected then I use the compiled pcretest-7.8.exe available here and use the (?C) callout procedure to print how the pattern traverse it's way through the string, then output to a file to see it visually.

Here is an example of such a path:

PCRE version 7.8 2008-09-05

/\b(?m)(?C)(?<!^)(?>(?:(?C)[01]?\d?\d|25[0-5]|2[0-4]\d)\.){3}(?:(?C)[01]?\d?\d|25[0-5]|2[0-4]\d)\b/g
192.168.1.12 Client1\n#192.168.1.1 Server\n89.43.123.165 Server\n203.019.000.277 nonValid\n010.300.0111.11111 nonValid
--->192.168.1.12 Client1\x0a#192.168.1.1 Server\x0a89.43.123.165 Server\x0a203.019.000.277 nonValid\x0a010.300.0111.11111 nonValid
  0 ^                                                                                                                                  (?<!^)
  0    ^                                                                                                                               (?<!^)
  0    ^                                                                                                                               [01]?
  0     ^                                                                                                                              (?<!^)
  0     ^                                                                                                                              [01]?
  0     ^   ^                                                                                                                          [01]?
  0     ^     ^                                                                                                                        [01]?
  0        ^                                                                                                                           (?<!^)
  0        ^                                                                                                                           [01]?
  0         ^                                                                                                                          (?<!^)
  0         ^                                                                                                                          [01]?
  0         ^ ^                                                                                                                        [01]?
  0          ^                                                                                                                         (?<!^)
  0          ^                                                                                                                         [01]?
  0           ^                                                                                                                        (?<!^)
  0           ^                                                                                                                        [01]?
  0             ^                                                                                                                      (?<!^)
  0             ^                                                                                                                      [01]?
  0              ^                                                                                                                     (?<!^)
  0              ^                                                                                                                     [01]?
  0                     ^                                                                                                              (?<!^)
  0                     ^                                                                                                              [01]?
  0                          ^                                                                                                         (?<!^)
  0                          ^                                                                                                         [01]?
  0                          ^   ^                                                                                                     [01]?
  0                          ^       ^                                                                                                 [01]?
  0                          ^         ^                                                                                               [01]?
 0: 192.168.1.1
  0                                     ^                                                                                              (?<!^)
  0                                     ^                                                                                              [01]?
  0                                      ^                                                                                             (?<!^)
  0                                      ^                                                                                             [01]?
  0                                            ^                                                                                       (?<!^)
  0                                            ^                                                                                       [01]?
  0                                                ^                                                                                   (?<!^)
  0                                                  ^                                                                                 (?<!^)
  0                                                  ^                                                                                 [01]?
  0                                                   ^                                                                                (?<!^)
  0                                                   ^                                                                                [01]?
  0                                                   ^  ^                                                                             [01]?
  0                                                   ^      ^                                                                         [01]?
  0                                                     ^                                                                              (?<!^)
  0                                                     ^                                                                              [01]?
  0                                                      ^                                                                             (?<!^)
  0                                                      ^                                                                             [01]?
  0                                                      ^   ^                                                                         [01]?
  0                                                         ^                                                                          (?<!^)
  0                                                         ^                                                                          [01]?
  0                                                          ^                                                                         (?<!^)
  0                                                          ^                                                                         [01]?
  0                                                             ^                                                                      (?<!^)
  0                                                             ^                                                                      [01]?
  0                                                              ^                                                                     (?<!^)
  0                                                              ^                                                                     [01]?
  0                                                                    ^                                                               (?<!^)
  0                                                                    ^                                                               [01]?
  0                                                                        ^                                                           (?<!^)
  0                                                                           ^                                                        (?<!^)
  0                                                                           ^                                                        [01]?
  0                                                                            ^                                                       (?<!^)
  0                                                                            ^                                                       [01]?
  0                                                                            ^   ^                                                   [01]?
  0                                                                            ^       ^                                               [01]?
  0                                                                               ^                                                    (?<!^)
  0                                                                               ^                                                    [01]?
  0                                                                                ^                                                   (?<!^)
  0                                                                                ^                                                   [01]?
  0                                                                                ^   ^                                               [01]?
  0                                                                                   ^                                                (?<!^)
  0                                                                                   ^                                                [01]?
  0                                                                                    ^                                               (?<!^)
  0                                                                                    ^                                               [01]?
  0                                                                                       ^                                            (?<!^)
  0                                                                                       ^                                            [01]?
  0                                                                                        ^                                           (?<!^)
  0                                                                                        ^                                           [01]?
  0                                                                                                ^                                   (?<!^)
  0                                                                                                ^                                   [01]?
  0                                                                                                    ^                               (?<!^)
  0                                                                                                       ^                            (?<!^)
  0                                                                                                       ^                            [01]?
  0                                                                                                        ^                           (?<!^)
  0                                                                                                        ^                           [01]?
  0                                                                                                           ^                        (?<!^)
  0                                                                                                           ^                        [01]?
  0                                                                                                            ^                       (?<!^)
  0                                                                                                            ^                       [01]?
  0                                                                                                                ^                   (?<!^)
  0                                                                                                                ^                   [01]?

It may not align correctly on the page but if you open it using WordPad you'll see it nicely aligned and descriptive. It may not be optimal way though.

Share this post


Link to post
Share on other sites

I'll have to check that tool out. Especially since it's free. LOL

Here's the same expression output from RegExBuddy. It doesn't show in this plain text, but each line is preceded by a color-coded icon used as a visual aid in teaching RegEx construction. The help/tutorial file, while not as extensive as AutoIt's, looks like it would do a good job as a learning tool.

Example

/\b(?m)(?C)(?<!^)(?>(?:(?C)[01]?\d?\d|25[0-5]|2[0-4]\d)\.){3}(?:(?C)[01]?\d?\d|25[0-5]|2[0-4]\d)\b/g

Match either the regular expression below (attempting the next alternative only if this one fails) «/\b(?m)(?C)(?<!^)(?>(?:(?C)[01]?\d?\d|25[0-5]|2[0-4]\d)\.){3}(?:(?C)[01]?\d?\d»
   Match the character “/” literally «/»
   Assert position at a word boundary «\b»
   Match the remainder of the regex with the options: ^ and $ match at line breaks (m) «(?m)»
   Erroneous characters (possibly incomplete regex token or unescaped metacharacters) «(?»
   Match the character “C” literally «C»
   Erroneous characters (possibly incomplete regex token or unescaped metacharacters) «)»
   Assert that it is impossible to match the regex below with the match ending at this position (negative lookbehind) «(?<!^)»
      Assert position at the beginning of a line (at beginning of the string or after a line break character) «^»
   Atomic group.  Match the regex below, and do not try further permutations of it if the overall match fails. «(?>(?:(?C)[01]?\d?\d|25[0-5]|2[0-4]\d)»
      Match either the regular expression below (attempting the next alternative only if this one fails) «(?:(?C)[01]?\d?\d»
         Match the regular expression below «(?:(?C)»
            Erroneous characters (possibly incomplete regex token or unescaped metacharacters) «(?»
            Match the character “C” literally «C»
         Match a single character present in the list “01” «[01]?»
            Between zero and one times, as many times as possible, giving back as needed (greedy) «?»
         Match a single digit 0..9 «\d?»
            Between zero and one times, as many times as possible, giving back as needed (greedy) «?»
         Match a single digit 0..9 «\d»
      Or match regular expression number 2 below (attempting the next alternative only if this one fails) «25[0-5]»
         Match the characters “25” literally «25»
         Match a single character in the range between “0” and “5” «[0-5]»
      Or match regular expression number 3 below (the entire group fails if this one fails to match) «2[0-4]\d»
         Match the character “2” literally «2»
         Match a single character in the range between “0” and “4” «[0-4]»
         Match a single digit 0..9 «\d»
   Match the character “.” literally «\.»
   Erroneous characters (possibly incomplete regex token or unescaped metacharacters) «)»
   Quantifiers must be preceded by a token that can be repeated «{3}»
   Match the regular expression below «(?:(?C)»
      Erroneous characters (possibly incomplete regex token or unescaped metacharacters) «(?»
      Match the character “C” literally «C»
   Match a single character present in the list “01” «[01]?»
      Between zero and one times, as many times as possible, giving back as needed (greedy) «?»
   Match a single digit 0..9 «\d?»
      Between zero and one times, as many times as possible, giving back as needed (greedy) «?»
   Match a single digit 0..9 «\d»
Or match regular expression number 2 below (attempting the next alternative only if this one fails) «25[0-5]»
   Match the characters “25” literally «25»
   Match a single character in the range between “0” and “5” «[0-5]»
Or match regular expression number 3 below (the entire match attempt fails if this one fails to match) «2[0-4]\d)\b/g»
   Match the character “2” literally «2»
   Match a single character in the range between “0” and “4” «[0-4]»
   Match a single digit 0..9 «\d»
   Erroneous characters (possibly incomplete regex token or unescaped metacharacters) «)»
   Assert position at a word boundary «\b»
   Match the characters “/g” literally «/g»

Created with RegexBuddy

Incidentally, the log files that I am analyzing contain several other lines that need information extracted in a similar fashion, except for the fact that they will be only outputting one "selection", not two. So I'm wondering if, rather than adding them to the Regex you posted earlier (which may be just a recipe for disaster), or if a Regex should be created for each one. If we create Regex's for each one, would we then modify your earlier code using an If......Then......Else...... loop? Or would it be better just to create one long Regex covering all options?

Thank you for your continued assistance. Your insight is really helpful. -- SCB


[font="Tahoma"]"I was worried 'bout rich and skinny, 'til I wound up poor and fat."-- Delbert McClinton[/font]

Share this post


Link to post
Share on other sites

#13 ·  Posted (edited)

Well, the expression is not meant to be a part of a bigger expression, even if inserting it as an alternation of a greater expression, so I guess that it's prone to be a disaster. Can you post a short list of your log content?

About the previous expression. For the pcretest-7.8.exe as well as for some other tools it's required to specify the delimiters of the expression so the tool can understand what is the replacement or what flags to use. So the first and last '/' are not part of the expression, they could easily be ! or # as long as it's a valid delimiter. Overall, it's nice the read what the tool can explain to you using a descriptive words ;]

Edit: I wish it could tell you: "Match an IP string only if not presented at the start of a new line" :)

Edited by Authenticity

Share this post


Link to post
Share on other sites

Hi Authenticity,

"...So the first and last '/' are not part of the expression,..."

I think I understand that. So then when you would actually use the expression, you would eliminate the leading and trailing "/"'s?

I expect that writing one huge Regexp to cover all the permutations in the logs that I'm analyzing would be difficult, to say the least. I'm a little uneasy about posting much of those log files in an open forum. I'll shoot you a PM regarding those.

RegexpBuddy can create expressions for: JGsoft, .NET, Java, Perl, PCRE, Javascript, Python, Ruby, Td ARE, POSIX BRE, POSIX ERE, Gnu BRE, Gnu ERE, XML-Schema and Xpath. Which of these does AutoIt conform to? Seems to me I've seen references to Perl and PCRE, but it would be nice to be sure.

Regarding your Edit, I'll check the documentation to see if maybe it can. Although I have a hunch that you are correct and it can't. :) -- SCB


[font="Tahoma"]"I was worried 'bout rich and skinny, 'til I wound up poor and fat."-- Delbert McClinton[/font]

Share this post


Link to post
Share on other sites

After I saw that it's possible to use non-fixed length match within a look-around constructs I'm quite sure the engine in AutoIt conform to the Perl in the PCRE :) Still, there are no such things like dynamic regex constructs (it's possible to achieve it via a preregistered callback procedure though), looks like (??{ Perl code}). Also the embedded code construct is not supported yet, looks like (?{ arbitrary perl code }). All according to the Perl man page, also according to Jeffrey E. F. Friedl's book.

One thing the he noted there in the efficient regexp crafting chapter is to avoid awkward patterns as much as possible if it's not a single piece of a match like a date or so. If the pattern will eventually involve a lot of backtracking you've achieved absolutely nothing.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0