Exaple for --regex

[ch-hf]

Hello,

I've working only with IPv4 and I have error Logs in like followed:
[Mon Jul 18 17:54:15.281165 2022] [ssl:info] [pid 32202] [client 11.22.33.44:11388] Some Text bla...

I try
cat error.log | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
and got sucessful my IP's

Next I try
anonip.py --input error.log -4 8 --regex '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' -d
and got
DEBUG:__main__:Regex did not match!
The same with:
anonip.py --input error.log -4 8 --regex '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}' -d

Any idears?

Regards,
Heiko

[tolimar]

Hi!

After reading Issue 44 I think there is a misunderstanding on the usage of the regexp parameter. Apparently you don't have to specify a regexp to match the IP address, but a regexp to describe where it is.

So based on your example, you might want to use .*client ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})\:[0-9]*\].* as regexp parameter. Note that I placed your regexp in regular brackets, and just but a bit context before and after.

$ echo ' [Mon Jul 18 17:54:15.281165 2022] [ssl:info] [pid 32202] [client 11.22.33.44:11388] Some Text bla...' | \
> anonip -4 8 --regex '.*client ([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})\:[0-9]*\].*'
[Mon Jul 18 17:54:15.281165 2022] [ssl:info] [pid 32202] [client 11.22.33.0:11388] Some Text bla...

Best regards,
Tolimar

[ch-hf]

That's the Info I need.
Thanks for help!