Windows security log regex with multi operator

Comments

1 comment

  • Avatar
    Shobhit Garg

    Hi Deniel,

    "multi" should always come before "nodrop"

    And if you can give us some sample logs then it would be easy, as the current regex does not work as it simply matches everything. See the below link

    https://regex101.com/r/qblViO/1

    Regards

     

    0
    Comment actions Permalink

Please sign in to leave a comment.