Sentinel: Using REGEXPREPLACE or REGEXPSEARCH with "/(", "(", or "\28\" may cause the agent to crash

  • 3183392
  • 29-Jan-2007
  • 26-Apr-2012

Environment

Microsoft Windows Server 2003 Standard Edition
Microsoft Windows 2000 Server
RedHat Linux
Solaris 9

Situation

Why does my agent crash when I try to use REGEXPREPLACE or REGEXPSEARCH with "/(", "(", or "\28\"?

Resolution

Using REGEXPREPLACE or REGEXPSEARCH with "/(", "(", or "\28\" may cause the agent to crash.

Scenario:

Data
132.250.196.4(1985) -> 224.0.0.2(1985), 204 packets

Attempted command:

REGEXPREPLACE(s_Rest, "\28\", ":")
REGEXPREPLACE(s_Rest,"\29\", ":")
REGEXPSEARCH(s_Rest,"(/\d+/\./\d+/\./\d+/\./\d+):(/\d+):/\s+->/\s+(/\d+/\./\d+/\./\d+/\./\d+):(/\d+):", i_Found, s_Match, s_SIP, s_SP, s_DIP, s_DP)


The fix is:

You may need to escape both the ( and the / that's used by REGEX to escape the ( character.
i.e. /\/(

======================================================

In some cases, the following may work:

REPLACE(s_Rest, "\28\", ":")
REPLACE(s_Rest,"\29\", ":")
REGEXPSEARCH(s_Rest,"(/\d+/\./\d+/\./\d+/\./\d+):(/\d+):/\s+->/\s+(/\d+/\./\d+/\./\d+/\./\d+):(/\d+):", i_Found, s_Match, s_SIP, s_SP, s_DIP, s_DP)
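
For comparison, the same field extraction in Python's `re` module (an added example, not Sentinel agent code and not from the original article): the literal parentheses are escaped in the pattern, so no replace step is needed, and a pattern with a lone `(` is rejected at compile time and the error is handled. The function names are assumptions; the output keys reuse the article's variable names, and `packets` is an added field.

```python
import ipaddress
import re

# Literal parentheses are escaped as \( and \) so the regex engine does not
# read them as group delimiters; the unescaped pairs are the capture groups.
FLOW_RE = re.compile(
    r"^(\d{1,3}(?:\.\d{1,3}){3})\((\d{1,5})\)\s+->\s+"
    r"(\d{1,3}(?:\.\d{1,3}){3})\((\d{1,5})\),\s+(\d+) packets$"
)


def parse_flow(line):
    """Return a dict of fields, or None if the line is not a valid flow record."""
    m = FLOW_RE.match(line.strip())
    if m is None:
        return None
    sip, sp, dip, dp, packets = m.groups()
    try:
        # The regex only checks the shape; reject octets above 255 here.
        ipaddress.IPv4Address(sip)
        ipaddress.IPv4Address(dip)
    except ipaddress.AddressValueError:
        return None
    if int(sp) > 65535 or int(dp) > 65535:
        return None
    return {"s_SIP": sip, "s_SP": int(sp), "s_DIP": dip,
            "s_DP": int(dp), "packets": int(packets)}


def compiles(pattern):
    """True if the pattern is a valid regex; a lone '(' is not."""
    try:
        re.compile(pattern)
        return True
    except re.error:
        return False


if __name__ == "__main__":
    # Data line taken from the article's scenario.
    sample = "132.250.196.4(1985) -> 224.0.0.2(1985), 204 packets"
    print(parse_flow(sample))
    print(compiles("("), compiles(r"\("))
```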