I have a 4MB log file from the Windows XP firewall which I'm trying to find lines that have both DROP and an IP and a port number. My regex-fu is weak and I'm assuming this is the reason I'm struggling.
The words "DROP", "10.1.1.1" (for example) and "8801" need to be found on the same line and may be spread across the line and separated by one or more other words.
Any help (or suggestions of another method to do this) are much appreciated.
This will do it in notepad++
DROP.*10\.1\.1\.1.*8001
Or a simple regex for different IPs (as you don't need to validate the IP address itself)
DROP.*\d\.\d\.\d\.\d.*8801
This one will solve many things for you:
DROP|\b(?:\d{1,3}\.){3}\d{1,3}\b|8801
It seems notepad++ RegEx does not recognise curly brackets, non-capturing groups or \b. The closest I could find is:DROP\s.*[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+.*\s[0-9]+ orDROP\s\d+\.\d+\.\d+\.+\d+.*\s\d+
Thanks for the answers. Looks like "DROP.*10.1.1.1.*8801" is what i was after, so thanks to Andy and diadistis.
I created the question as an unregeistered user so can't vote up the answers - yet.