Below are the DNS Sample logs where i need to write a regex to capture the Hostname "Renju123". The log format structure is little different on both samples.
The log samples are given below:
"2018-12-12 13:25:30","Renju, Jacob,M(renjutest)","Renju, Jacob, M (rtest),Renju123,Default Site,Test/firewall","10.221.5.136","XXX.XXX.XXX.XXX","Allowed","16 (A)","NOERROR","1XX.1X.1XX.1XX.Test.com.","Computer Security"
"2018-12-12 13:09:55","rtest","Renju123,Default Site,Renju Renju/Renju","10.250.33.85","XXX.XXX.XXX.XXX","Allowed","12 (PTR)","NOERROR","1XX.1X.1XX.1XX.Test.com.","Software/Technology"
The regex which i used is only capturing the first log hostname
(?P(?<=),).*?(?=,.?Default)) link here
But i would like to have a single regex to capture HostNames (Renju123) from both the sample logs
What you might do (according to the comments) is match a double quote or a comma 1+ times using
[",]+and then capture in a group matching 1+ word characters. Then,Defaultfollows so that you could match again:Your match will be in the
HostNamegroup.Regex demo
If your hostname starts with a word character, you could use lookarounds and a word boundary
\bRegex demo