Known Good Regex Filter Library
I'd like to start a known good regex filter thread. I'm not a regex expert and I'm guessing there are many other admins out there who aren't either. I'd like to be able to search this repository for common items so I don't have to open a support ticket every time I need to perform a specific task.
Here are two RegEx filters I'm using today which work. Please add comments with new filters as you write them, and if you improve or extend on one, please post it back to the community so we can all benefit.
1) Exclude Informational events from Windows Event Logs:
(?s).*Type\s+=\s+\"Information.*(?s).*
2) Exclude health checks from gathered IIS logs:
(.*HTTP-Monitor.*)|(.*pingdom.*)|(.*akamai-test-object.*)
Here is an article on masking credit card numbers from log messages. This is a masking filter useful for compliance.
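One way to check exclude filters like the two above before deploying them, as an added example that is not part of the original post: it runs each pattern over sample messages and reports any event that would be dropped or kept unexpectedly. The sample log lines, the function names, and the option that a filter must match the whole message are assumptions of this example.

```python
import re

# Filters as given in the post. Python's re accepts a global flag such as (?s)
# only at the start of a pattern, so the trailing, redundant (?s) is dropped.
FILTERS = {
    "windows-informational": r'(?s).*Type\s+=\s+"Information.*',
    "iis-health-checks": r"(.*HTTP-Monitor.*)|(.*pingdom.*)|(.*akamai-test-object.*)",
}
# Same IIS filter typed with literal spaces around each "|".
IIS_SPACED = r"(.*HTTP-Monitor.*) | (.*pingdom.*) | (.*akamai-test-object.*)"

# Constructed sample messages (not real logs): (message, should_be_excluded).
WIN_INFO = 'instance of Win32_NTLogEvent\n{\n\tEventCode = 7036;\n\tType = "Information";\n};'
WIN_AUDIT = 'instance of Win32_NTLogEvent\n{\n\tEventCode = 4625;\n\tType = "Audit Failure";\n};'
IIS_HEALTH = "2024-01-01 00:00:01 10.0.0.5 GET /health - 80 - 10.0.0.9 HTTP-Monitor/1.1 200 0 0 3"
IIS_LOGIN = "2024-01-01 00:00:03 10.0.0.5 POST /login - 443 - 198.51.100.4 Mozilla/5.0 401 0 0 12"
SAMPLES = [(WIN_INFO, True), (WIN_AUDIT, False), (IIS_HEALTH, True), (IIS_LOGIN, False)]


def is_excluded(message, patterns, whole_message=True):
    """True if any exclude pattern matches.

    whole_message=True assumes the collector requires the pattern to cover the
    entire message (an assumption; check your product's documentation).
    """
    match = re.fullmatch if whole_message else re.search
    return any(match(p, message) for p in patterns)


def audit(samples, patterns, whole_message=True):
    """Return the samples whose exclude decision differs from what was expected."""
    return [msg for msg, expected in samples
            if is_excluded(msg, patterns, whole_message) != expected]


if __name__ == "__main__":
    print("unexpected decisions:", audit(SAMPLES, FILTERS.values()))
    # The spaced variant needs a literal space next to each alternative, so it
    # behaves differently depending on how the collector applies the pattern.
    print("spaced, whole message:", is_excluded(IIS_HEALTH, [IIS_SPACED]))
    print("spaced, substring:   ", is_excluded(IIS_HEALTH, [IIS_SPACED], whole_message=False))
```

Adding a few events you must never lose (failed logons, 401 or 500 responses) to the sample list with an expected value of False turns this into a regression check for every new filter.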