[Zeek] Regex - Can you return the matched pattern using sub?
Jonah Burgess
jburgess03 at qub.ac.uk
Wed Aug 14 12:08:06 PDT 2019
Furthermore, is there an alternative to match_pattern that returns all matches for a pattern?
It would probably help if I could more better documentation about regex functions in Zeek.. I have this: https://docs.zeek.org/en/stable/scripts/base/utils/patterns.bro.html but if anybody could recommend more resources it would be appreciated.
Thanks,
Jonah
From: Jonah Burgess<mailto:jburgess03 at qub.ac.uk>
Sent: 14 August 2019 12:20
To: zeek at zeek.org<mailto:zeek at zeek.org>
Subject: [Zeek] Regex - Can you return the matched pattern using sub?
Hi,
Can I replace a pattern in a string with “” but also return the matched pattern?
Basically I am extracting different blocks of text from a string using match_pattern() but then at the end, I want to search all the remaining text (minus the blocks that were already extracted).
I tried simply calling gsub(data, pattern, “”) just after calling block[n] = match_pattern(data, pattern) but this didn’t seem to benefit performance at all. I’m sure there must be a better way :/
Thanks in Advance,
Jonah
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190814/11b37952/attachment.html
More information about the Zeek
mailing list