Ad Widget

Collapse

Regular exp in prerocessing remove some words

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • SkyRanger
    Junior Member
    • May 2020
    • 1
    #1

    Regular exp in prerocessing remove some words

    I added SNMP Trap and can recieve data from it, now i need to parse it data, so i create item for it.
    It seems ok, it recieve data from SNP traps.
    Now i setup preprocessing for it:

    Name: Admin cli command
    Type: Snmp trap
    Key: snmptrap["CISCO-SMI::ciscoMgmt.41.2.0.1"]
    Type: Log

    Preprocessing rules:

    Name: Regular exp
    Params: CISCO-SMI::ciscoMgmt.41.1.2.3.1.5 type=4 value=STRING: "user ([a-zA-Z0-9]*)\sfrom\s([a-zA-Z0-9]*)\s([0-9.]*)\sinput:\s(.*)"
    Output: User \1 с from \3 using \2 run command "\4"

    I get
    2020-05-08 12:12:47 2020-05-08 12:12:46 User admin from 192.168.x.x using ssh run command "commit "
    But it must be

    User admin from 192.168.x.x using ssh run command "do commit "

    why it remove leading "do?"
    Tags: preprocessing, regular expression, snmp, snmptrap
    Previous template Next
    Working...