Reputation: 1223
Regex Matching Certain Lines
I am trying to clean some Data that I get from a command. The issue is the data is repeated for different cases and spread on multiple lines. I added the Data at the end of the question.
I am trying to Grab the Domain|Private|Public with their state ON|OFF
an example output would be this
Domain OFF
Private ON
Public OFF
because of the multiple lines and my limited knowledge of Regex, I can only match one line. Can someone please help me with this regex.
Data Sample:
Domain Profile Settings:
----------------------------------------------------------------------
State OFF
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Enable
UnicastResponseToMulticast Enable
Logging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096
Private Profile Settings:
----------------------------------------------------------------------
State OFF
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Enable
UnicastResponseToMulticast Enable
Logging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096
Public Profile Settings:
----------------------------------------------------------------------
State OFF
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Enable
UnicastResponseToMulticast Enable
Logging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096
Ok.
Upvotes: 0
Views: 165
Answers (4)
Reputation: 1223
This solved my question:
%{$_.Replace(' Profile Settings: ', '')} |
where {$_ -match '(Domain|Public|Private|State)'} |
%{$_ -Replace('State *','')}
Thanks for all the help guys!
Upvotes: 1
Reputation: 68263
Try this:
$file = <filename to search>
select-string -Pattern 'Domain|Private|Public Profile Settings' -Path $file -Context 0,2 |
foreach {[PSCustomObject]@{
Type = $_.line.split()[0]
Setting = $_.Context.PostContext[1].split()[-1]
}
} | ft -AutoSize
That uses the -Context parameter of Select-String to grab the next 2 lines after the Profile string, and parse the setting from the PostContext. You may want to replace the splits with -replace, depending on your data.
Upvotes: 0
Reputation: 9262
Assuming you're using a PCRE compliant regex, this should do it:
/(Domain|Public|Private)\s+.*?State\s+(ON|OFF)/gs
Demo: http://regex101.com/r/pG3iI6
Upvotes: 3
Reputation: 41958
(Domain|Public|Private).*?^State\s+(ON|OFF)
You will need to enable dotall and multiline flags - how to do this depends on your specific environment.
The regexp in order first recognizes and stores the scope keyword, then skips a non-greedy amount of random characters until the State string is encountered at the start of a line (due to the ^ character), and then an arbitrary number of whitespace characters are allowed before encountering either ON or OFF. Both the scope and the state are returned as actual matches. The use of .*? in the middle ensures that the match also works if State isn't on the first line.
Upvotes: 3
Related Questions
- Powershell - Regex match multiple lines from file
- PowerShell multiline match with regex
- RegEx capturing string several lines behind
- Extract specific multiple string from lines via regex
- how to use regex for each line in a file in powershell
- Match multiple lines with Powershell regex
- match multi-line string
- REGEX for multiple lines - powershell
- Multiline regex match in PowerShell
- Find a match on specific line