On Apr 19, 2006, at 9:13, Murphy, Ged (Bolton) wrote:
Hi all.
I have a log containing strings as follows :
21259 audit O 72398 Mar 09 00:18 dll/ldr/elf.c
The format is the same throughout with the exception of the 'O', as it
doesn't always appear.
I need to match when the 'O' appears and when it does, I need to save
the file path, i.e. 'dll/ldr/elf.c'
Here is a snippet from my code containing my regex
if (/\sO\s.+([\w\/]+)$/) {
print "found $1\n";
Based on yours, the regexp would be for instance:
\sO\s.+\s(\S+)$
Note that assumes no other field can be "O" except in those cases,
you can add restrictions as needed if that does not hold.
You could base that on split as well, it may be more readable:
my @fields = split;
print "found $fields[-1]\n" if $fields[2] eq "O";
-- fxn
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
