Community discussions

MikroTik App
 
User avatar
Jotne
Forum Guru
Forum Guru
Topic Author
Posts: 3291
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Better log format

Thu Sep 15, 2022 9:14 pm

I have requested this before. RouterOS do have a messy log format.
Just to extract firewall data I need this complex regex.
(?n)firewall,info\s[Mm]ikro[Tt]ik:\s(?:(?<rule>\S+)\s)?(?<chain>.+?):\sin:(?<in_if>.*?)\sout:(?<out_if>[^,]+),(?:\spacket-mark:(?<packet_mark>\S+))?(?:\sconnection-mark:(?<connection_mark>\S+))?(?:\sconnection-state:(?<connection_state>\S+))?(?:\ssrc-mac\s(?<src_mac>[^,]+),)?\sproto\s(?<protocol>\S+)(\s\((?<flag>[^\)]*)\))?,\s\[?(?<src_ip>(?:\d+\.\d+\.\d+\.\d+|[^\]]+))\]?(?::(?<src_port>[^-]+))?->\[?(?<dest_ip>(?:\d+\.\d+\.\d+\.\d+|[^\]]+))(?:\]?:(?<dest_port>[^,]+))?,\s(?:NAT[^,]+, )?(prio\s(?<prio>[^,]+),\s)?len\s(?<length>\d+)
https://www.debuggex.com/r/FZNFNV2jxscRob_m

Logging mess was also reported to Mikrotik support 5 years ago with feedback that they will look at it. Nothing has happend.
viewtopic.php?t=124291

Who is online

Users browsing this forum: Bing [Bot], dido1236, flapviv, ips, xristostsilis, xrlls and 92 guests