Pattern matching for log analysis

My program will issue a grep command to search the log based on a time range and a unique keyword. My program is able to issue the grep command successfully and it returns several matched lines of log which look like the following:

22:41.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:Logout agent success [accountName=null remoteAddress=STEDGE/172.16.8.3]    AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl    executeLogoutAgent  429 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN
21:45.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:Invoking logout agent [accountName=null remoteAddress=STEDGE/172.16.8.3]   AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl    executeLogoutAgent  425 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN
21:45.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:SSH: User "null" logged out from [172.16.8.1]. AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl    executeLogoutAgent  422 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN

But I don’t need all of this; the thing I am interested in is [remoteAddress=/172.16.8.1:64931]. This line of code Pattern pat1 = Pattern.compile("remoteAddress=/(\d)"); gives the illegal escape character error. May I know how to extract only the IP address, without any port number, and store it in a String variable? I had searched for some information on Google but it fails to work.

For your reference, this is my source code:

import java.io.*;
import java.util.regex.*;

class blockIP
{
    public static void main(String[] args)
    {
        String command1 = "date +%R";
        String time = null;
        String argument2 = null;
        String argument1 = ".*java";
        try
        {
            // Get the current HH:MM from the shell's date command.
            Process p1 = Runtime.getRuntime().exec(command1);
            BufferedReader br1 = new BufferedReader(new InputStreamReader(p1.getInputStream()));

            String line1;
            while ((line1 = br1.readLine()) != null)
            {
                System.out.println(line1);
                time = line1;
                argument2 = time.concat(argument1);
            }
            br1.close();

            // grep the log for lines from this minute that mention java.
            String command2 = "grep " + argument2 + " stlog.txt";
            System.out.println("the command2 is :" + command2);
            Process p2 = Runtime.getRuntime().exec(command2);
            BufferedReader br2 = new BufferedReader(new InputStreamReader(p2.getInputStream()));
            String line2;
            while ((line2 = br2.readLine()) != null)
            {
                System.out.println(line2);
                // "\d" is not a valid Java string escape; this is the
                // "illegal escape character" compile error described above.
                Pattern pat1 = Pattern.compile("remoteAddress=/(\d)");
                Matcher matcher1 = pat1.matcher(line2);
                while (matcher1.find())
                {
                    System.out.println(matcher1.group(1));
                }
            }
        }
        catch (IOException e)
        {
            e.printStackTrace();
        }
    }
}


Answer

This regex matches digits and dots after the remoteAddress=/ phrase.

import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {
    public static void main(String[] args) {
        String s = "21:45.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:Invoking logout agent [accountName=null remoteAddress=STEDGE/172.16.8.3]   AuthenticationProviderImpl.java com.tumbleweed.st.server.sshd.AuthenticationProviderImpl    executeLogoutAgent  425 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN\r\n";
        // In Java source the backslash itself must be escaped: "\\d" is the regex \d.
        Pattern pattern = Pattern.compile("(?<=remoteAddress=/)[\\d.]+");
        Matcher matcher = pattern.matcher(s);
        while (matcher.find()) {
            String group = matcher.group();
            System.out.println(group);
        }
    }
}

It won’t match remoteAddress=STEDGE/172.16.8.3.

It uses positive lookbehind to assert that (?<=remoteAddress=/) is before 172.16.8.1.

Pattern:

(?<=remoteAddress=/): positive lookbehind (zero-length assertion). It matches only if [\d.]+ is preceded by the exact phrase remoteAddress=/.

[\d.]+: matches a digit or a period . one or more times. It doesn’t match anything else.
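As an added example (not code from the question or the answer), the following class parses the [remoteAddress=/IP:PORT] field of the SSHD log lines quoted in the question, separates the IP from the port with named groups, and validates each octet before the address is used. The literal =/ right after remoteAddress plays the same role as the answer's lookbehind: the hostname-prefixed remoteAddress=STEDGE/172.16.8.3 form never matches. The linesAt filter stands in for the date +%R and grep step of the question; the class and method names, and the two extra sample lines, are this example's own.

```java
import java.util.ArrayList;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added example, not code from the question or the answer. It parses the
// "[remoteAddress=/IP:PORT]" field of the SSHD log lines quoted above,
// separates IP from port, and validates the IP before handing it on.
public class RemoteAddressExtractor {

    // The literal "=/" right after "remoteAddress" excludes the
    // "remoteAddress=STEDGE/172.16.8.3" form, exactly as the answer's
    // lookbehind does. Named groups split IP and port; the closing "]" is
    // required so a stray run such as "1.2.3.4.5" is not accepted.
    private static final Pattern REMOTE_ADDRESS = Pattern.compile(
            "\\[remoteAddress=/(?<ip>(?:\\d{1,3}\\.){3}\\d{1,3})(?::(?<port>\\d{1,5}))?\\]");

    /** One parsed client field; port is -1 when the log line carries none. */
    record RemoteAddress(String ip, int port) {}

    /** True if ip is four dotted decimal octets, each in 0..255. */
    static boolean isValidIPv4(String ip) {
        String[] octets = ip.split("\\.", -1);
        if (octets.length != 4) return false;
        for (String o : octets) {
            if (o.isEmpty() || o.length() > 3 || !o.chars().allMatch(Character::isDigit)) return false;
            if (Integer.parseInt(o) > 255) return false;
        }
        return true;
    }

    /** Extracts the client IP and port from one line; empty if the field is absent or invalid. */
    static Optional<RemoteAddress> extract(String line) {
        Matcher m = REMOTE_ADDRESS.matcher(line);
        if (!m.find()) return Optional.empty();
        String ip = m.group("ip");
        if (!isValidIPv4(ip)) return Optional.empty();
        String portText = m.group("port");
        int port = portText == null ? -1 : Integer.parseInt(portText);
        if (port > 65535) return Optional.empty();
        return Optional.of(new RemoteAddress(ip, port));
    }

    /** Keeps the lines whose timestamp starts with hhmm, like the "date +%R" grep in the question. */
    static List<String> linesAt(List<String> lines, String hhmm) {
        List<String> out = new ArrayList<>();
        for (String line : lines) {
            if (line.startsWith(hhmm)) out.add(line);
        }
        return out;
    }

    /** Distinct valid client IPs seen in the given lines, in first-seen order. */
    static Set<String> clientIps(List<String> lines) {
        Set<String> ips = new LinkedHashSet<>();
        for (String line : lines) {
            extract(line).ifPresent(a -> ips.add(a.ip()));
        }
        return ips;
    }

    public static void main(String[] args) {
        // Constructed sample: the three lines from the question (trailing
        // columns dropped) plus two variants that must be rejected.
        List<String> log = List.of(
            "22:41.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:Logout agent success [accountName=null remoteAddress=STEDGE/172.16.8.3]",
            "21:45.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:Invoking logout agent [accountName=null remoteAddress=STEDGE/172.16.8.3]",
            "21:45.9 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/172.16.8.1:64931]:SSH: User \"null\" logged out from [172.16.8.1].",
            "21:46.0 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=STEDGE/172.16.8.3]:hostname-prefixed form only, no client field",
            "21:46.1 INFO    SSHD    SSHD-TRANSFER-1 [accountName=root] [remoteAddress=/999.1.1.1:22]:octet out of range, must be rejected");

        for (String line : linesAt(log, "21:45")) {
            System.out.println(extract(line).map(a -> a.ip() + " port " + a.port()).orElse("no client address"));
        }
        System.out.println("distinct client IPs: " + clientIps(log));
    }
}
```

The octet check matters because [\d.]+ on its own also accepts strings such as 999.1.1.1 or 172.16.8.1. that are not addresses; if the extracted value feeds a blocking rule (the question's class is named blockIP), reject those before acting rather than after. Reading the log file in Java and filtering on the timestamp prefix, as linesAt does, also removes the need to build a grep command string at run time.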

User contributions licensed under: CC BY-SA