Hi,
My requirement is to parse a syslog containing IPv6 address. I am using
Jakarta ORO library.
Syslog looks like:
String syslog = "Built inbound TCP connection 33455 for
inside:a123:0:0:0:a:0022:020:0023/64444 (10.2.192.210/8888) to
outside:ff02:0:0:0:0:1:ff32:5ed1/1024 (21.1.1.1/998)";
String IP_ADDR_REGEX =
"([0-9a-fA-F]{1,4}(:[0-9a-fA-F]{1,4}){0,6}:?(:[0-9a-fA-F]{1,4}){1,6})";
String PORT_REGEX ="(\\d+)";
String INTERFACE_REGEX="([^:]+)";
Pattern = "Built inbound TCP connection 33455 for "+ INTERFACE_REGEX + ":" +
IP_ADDR_REGEX + "/" + PORT_REGEX + " (10.2.192.210/8888) to " +
INTERFACE_REGEX + ":" + IP_ADDR_REGEX + "/" + PORT_REGEX + " (21.1.1.1/998
)";
PatternCompiler c = new Perl5Compiler();
PatternMatcher m = new Perl5Matcher();
if (m.matches(syslog, pattern)
{
MatchResult results = matcher.getMatch();
}
When I do
for (int i=0; i < results.length; i++)
{
System.out.println(results[i]);
}
It prints the IPv6 address properly as results[1] ...I am expecting Port
Number as results[2].. But it prints a part of IPv6 address as results[2]..
Also results contains 8 results instead of 6 matches.
So, how do I make it to contain only top-level matches in the results? How
to make it to match only 6 results as I am expecting..
I know that this problem is being caused by inner brackets () of the
IP_ADDR_REGEX ..
How to fix it??
Thanks,
Sandeep
