Regular Expression Syntax - Cisco 4215 - Intrusion Detection Sys Sensor Configuration Manual
Configuration guide
Hide thumbs
Also See for 4215 - Intrusion Detection Sys Sensor:
- Hardware installation manual (74 pages)
Table of Contents
Advertisement
Chapter 1
Introducing the CLI Configuration Guide
•
•
Regular Expression Syntax
Regular expressions are text patterns that are used for string matching. Regular expressions contain a
mix of plain text and special characters to indicate what kind of matching to do. For example, if you are
looking for a numeric digit, the regular expression to search for is "[0-9]". The brackets indicate that the
character being compared should match any one of the characters enclosed within the bracket. The dash
(-) between 0 and 9 indicates that it is a range from 0 to 9. Therefore, this regular expression will match
any character from 0 to 9, that is, any digit.
To search for a specific special character, you must use a backslash before the special character. For
example, the single character regular expression "\*" matches a single asterisk.
The regular expressions defined in this section are similar to a subset of the POSIX Extended Regular
Expression definitions. In particular, "[..]", "[==]", and "[::]" expressions are not supported. Also,
escaped expressions representing single characters are supported. A character can be represented as its
hexadecimal value, for example, \x61 equals 'a,' so \x61 is an escaped expression representing the
character 'a.'
Table 1-2
Table 1-2
Character
^
^
$
|
.
*
+
?
78-16527-01
service mode configuration—Entered from global configuration mode by typing
service-name.
The command prompt is
sensor(config-ser)#
name.
multi-instance service mode—Entered from global configuration mode by typing
service-name log-instance-name.
The command prompt is
sensor(config-log)#
instance name. The only multi-instance services in the system are signature definition and event
action rules.
lists the special characters.
Regular Expression Syntax
Description
Beginning of the string. The expression "^A" will match an "A" only at the beginning
of the string.
Immediately following the left-bracket ([). Excludes the remaining characters within
brackets from matching the target string. The expression "[^0-9]" indicates that the
target character should not be a digit.
Matches the end of the string. The expression "abc$" matches the sub-string "abc"
only if it is at the end of the string.
Allows the expression on either side to match the target string. The expression "a|b"
matches "a" as well as "b."
Matches any character.
Indicates that the character to the left of the asterisk in the expression should match 0
or more times.
Similar to * but there should be at least one match of the character to the left of the +
sign in the expression.
Matches the character to its left 0 or 1 times.
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 5.0
, where
is the first three characters of the service
ser
where
is the first three characters of the log
log
Regular Expression Syntax
service
service
1-7
Advertisement
Table of Contents
Troubleshooting
