Using Regular Expressions In Argent Products
Overview
What Are Regular Expressions?
The term Regular Expressions refers to a nomenclature set that allows for powerful string matching in computer programs
Various languages offer support for the concept of Regular Expressions, and Argent employs the Microsoft Visual Basic Script implementation of Regular Expressions in our products
Which Products Use Regular Expressions?
All the Argent Advanced Technology products that include the Windows System Performance Rule Type support the use of Regular Expressions in the “How To Test Multiple Instances” of the Rule criteria
In addition, the Argent Guardian Ultra supports the use of Regular Expressions in the “Content Of Command Line Output Contains” criteria of System Command Rules and the “File Path” of a System File Rule
Also, the Argent Data Consolidator supports the use of Regular Expressions in the “File Path” of an ASCII Log Rule as well as in the Filter and Alert tabs to precisely archive and alert on the log file contents, respectively
Common Uses For Regular Expressions
Position Matching
^string Match the beginning of a string
Example: “^Failed” matches “Failed to authenticate” but not “Backup Failed“
string$ Match the end of a string
Example: “Failed$” matches “Backup Failed“, but not “Failed to Authenticate“
\b Match word boundary
Example: “failure\b” matches ‘failure’ in “Error: Redundancy failure in PS 3/4“
Literal Character Matching
Any Alphanumeric Matches alphabetic and numeric characters
Example:
Special Characters
\n Matches new line
\t Matches horizontal tab
\. Matches dot (.)
\\ Matches slash (\)
Character Classes
[a-zA-Z] Matches a single alphabetic character
[0-9] Matches a single numeric character
\d Matches any digit (same as [0-9])
\s Matches any space character (same as [\t\r\n\v\f])
A ^ as the first character inside the brackets negates the character class
Example: [a-zA-Z] matches the first ‘C’ in the string “35077-22C-PN6C“
Example: [0-9] matches the ‘3’ in the string “35077-22C-PN6C“
Example: [^0-9\.] matches ‘b’ in the string “2.0.54b“
Repetition
{x} Matches exactly x number of occurrences of the preceding regular expression
{x,} Matches x or more occurrences of the preceding regular expression
{x,y} Matches x to y number of occurrences of the preceding regular expression
Example: “\d{3}” Matches “345” in the string “AB-C345-ZZ“
Example: “\d{3,}” Matches “3456” in the string “AB-C3456-ZZ” but does not match anything in “ZZ-C32YY-4A“
Alternation & Grouping
() Allows you to group individual clauses
| Allows you to combine clauses into a single regular expression (think OR)
Example: “(“error”|”failed”|”incomplete”)” matches strings containing “error”, “failed”, or “incomplete”
Argent Examples
RegEx Example: Argent Guardian Ultra W200X Performance Rule
In this example, we want to test the Rule criteria (under-loaded CPU) against only the enumerated instances of the CPU, not the _Total instance
Here is the Rule definition, screen by screen:
Screen G10, Argent Guardian Ultra W200x Performance Rule Definition
Screen A1B, Events And Alerts Tab In Applications
RegEx Example: Argent for Compliance
In this example, we are using a Regular Expression both to determine which Log file entries are archived into the backend database and another Regular Expression to determine which entries will post Events to the Argent Console
Here is the Rule definition, screen by screen:
Screen P6, Windows File Rule Definition Of WIN_LOG_TEST
Screen A1B, Events And Alerts Tab In Events
Additional Resources:
Microsoft Beefs Up VBScript With Regular Expressions
Microsoft Regular Expression Syntax