I am trying to search through logs for unusual domains generated by DGAs. I want to use regex to search for domain names with 7-12 characters ending with TLD. The characters are alphanumeric.
For example, abc1djdfkf.xyz
I have used the following regex patterns, but did not see the desired results.
rex field=URL "(?\w{7,12}.(XYZ))$"
... View more