Re: Help with regex on whitelist

a212830 · ‎12-12-2017

Hi,

I need to whitelist on the following:

SIPServer-RTP-Routing1-PR-001.20171212_124642_595.log

Anything that has SIPServer, then anything, and then "-PR-001", following the timestamp and then .log.

My attempt... whitelist = SIPServer-???-Routing?-PR-001.*.log

Maverick904 · ‎12-12-2017

Can you please try below query and confirm if it fulfill your requirement.

1.   (?<FileName>SIPServer-.*?-Routing[a-zA-Z0-9]-PR-001.\d+_\d+_\d+.log)

mayurr98 · ‎12-12-2017

hey @a212830,

Try this in inputs.conf, It will work 100%

[monitor://<mention path>]
whitelist = SIPServer-.*-PR-001\.\d+_\d+_\d+\.log

Let me know if it helps!

hardikJsheth · ‎12-12-2017

If you want to consider both Routing and PR-001, you can use following regex:

SIPServer-\w*-Routing\d*-PR-001.[0-9_]+.log

wenthold · ‎12-12-2017

This should work, but you may want to adjust it based upon the format of the timestamps you might see...

SIPServer.*?-PR-001\.[0-9]{8}_[0-9]{6}_[0-9]{3}\.log$

Less strict:

SIPServer.*?-PR-001\.[0-9_]+.log$

Help with regex on whitelist