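<p>I have this string from the iptables log and I want to parse its full content.
My current regular expression parses 90% of it, but I need all of the log content. Any ideas?</p>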
<p>My Python regular expression:</p>
<pre><code>import re
regex = re.compile(r'([^ ]+)=([^ ]+)')
</code></pre>
<p>I also need these parameters:</p>
<pre><code>Aug 13 17:16:33 app-srv01 kernel: newConnection -
</code></pre>
<p>Regex result:</p>
<pre><code>[('IN', 'eth0'), ('MAC', '56:00:01:a1:5c:b7:fe:00:01:a1:5c:b7:08:00'), ('SRC', '91.103.125.80'), ('DST', '45.33.223.166'), ('LEN', '52'), ('TOS', '0x00'), ('PREC', '0x00'), ('TTL', '113'), ('ID', '21200'), ('PROTO', 'TCP'), ('SPT', '55743'), ('DPT', '445'), ('WINDOW', '8192'), ('RES', '0x00'), ('URGP', '0')]
</code></pre>
<p>Log string:</p>
<blockquote>
<p>Aug 13 17:16:33 app-srv01 kernel: newConnection - IN=eth0 OUT=
MAC=56:00:01:a1:5c:b7:fe:00:01:a1:5c:b7:08:00 SRC=91.103.125.80
DST=45.33.223.166 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=21200 DF
PROTO=TCP SPT=55743 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0</p>
</blockquote>
<p>Expected output:</p>
<pre><code>[('Aug 13 17:16:33'), ('app-srv01 kernel:'), ('newConnection -'),
('IN', 'eth0'), ('MAC', '56:00:01:a1:5c:b7:fe:00:01:a1:5c:b7:08:00'), ('SRC',
'91.103.125.80'), ('DST', '45.33.223.166'), ('LEN', '52'), ('TOS', '0x00'), ('PREC',
'0x00'), ('TTL', '113'), ('ID', '21200'), ('PROTO', 'TCP'), ('SPT', '55743'), ('DPT',
'445'), ('WINDOW', '8192'), ('RES', '0x00'), ('URGP', '0')]
</code></pre>
<p>Can someone help? I'm using Python 3. Thanks.</p>
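<p>One way to capture the whole line, as an added example that is not part of the original post: match the syslog header and log prefix first, then split the remainder into KEY=value fields and bare flags. The names <code>HEADER</code> and <code>parse_iptables_line</code> are hypothetical, and the code assumes the LOG target writes <code>IN=</code> as the first field after the prefix.</p>

```python
import re

# Constructed sample: the log line from the question, joined onto one line.
SAMPLE = ("Aug 13 17:16:33 app-srv01 kernel: newConnection - IN=eth0 OUT= "
          "MAC=56:00:01:a1:5c:b7:fe:00:01:a1:5c:b7:08:00 SRC=91.103.125.80 "
          "DST=45.33.223.166 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=21200 DF "
          "PROTO=TCP SPT=55743 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0")

# Syslog header: timestamp, host, "kernel:", an optional uptime stamp, then the
# free-text log prefix up to (not including) the first IN= field (assumption).
HEADER = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2}\s\d{2}:\d{2}:\d{2})\s"
    r"(?P<host>\S+)\s(?P<tag>kernel:)\s"
    r"(?:\[\s*\d+\.\d+\]\s)?"
    r"(?P<prefix>.*?)\s*(?=\bIN=)"
)


def parse_iptables_line(line):
    """Return (header, fields, flags), or None if the line does not match."""
    m = HEADER.match(line)
    if m is None:
        return None
    header = {"timestamp": m["ts"], "host": m["host"],
              "source": m["tag"], "prefix": m["prefix"]}
    fields, flags = {}, []
    for tok in line[m.end():].split():
        key, sep, val = tok.partition("=")
        if sep:
            fields[key] = val      # value may be empty, e.g. OUT=
        else:
            flags.append(tok)      # bare tokens such as DF, SYN, ACK
    return header, fields, flags


if __name__ == "__main__":
    header, fields, flags = parse_iptables_line(SAMPLE)
    print(header)
    print(fields)
    print(flags)
```

<p>The empty <code>OUT=</code> field and the bare <code>DF</code> and <code>SYN</code> tokens are the parts that <code>([^ ]+)=([^ ]+)</code> drops; keeping <code>SYN</code> matters when the log is used to spot new inbound connection attempts.</p>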