i have strings with Following pattern in python :
2011-03-01 14:10:43 C:\Scan\raisoax.exe detected Trojan.Win32.VBKrypt.agqw
how get substrings: C:\Scan\raisoax.exe and Trojan.Win32.VBKrypt.agqw
between string is tab
Add a comment
|
5 Answers
A solution using regexes:
s = "2011-03-01 14:10:43 C:\Scan\raisoax.exe detected Trojan.Win32.VBKrypt.agqw"
reg = re.match(r"\S*\s\S*\s(.*)[^\ ] detected\s+(.*)",s)
file,name = reg.groups()
This will catch files with spaces in them as well. It will fail if you have files with " detected " in them. (you can add a forward assertion to fix that as well.
Comments
just use the substring method of a python String.
s = r"2011-03-01 14:10:43 C:\Scan\raisoax.exe detected Trojan.Win32.VBKrypt.agqw"
s.split("\t")
gets you
['2011-03-01 14:10:43 C:\\\\Scan\\raisoax.exe detected', 'Trojan.Win32.VBKrypt.agqw']
1 Comment
razong
I added the r"" for proper encoding of the backslashes. I really doesn't matter for your question because the important thing is just the \t inside the split for using tab as delimeter between substrings.
s = r"2011-03-01 14:10:43 C:\Scan\raisoax.exe detected Trojan.Win32.VBKrypt.agqw"
v = s.split()
print v[-1] # gives you Trojan.Win32.VBKrypt.agqw
print v[-3] # gives you C:\Scan\raisoax.exe
To handle spaces in filenames try
print " ".join(v[2:-2])
1 Comment
John Machin
What if there is a space in the file path e.g.
C:\Program Files\fubar.exe ?Use the re package. Something like
import re
s = r'2011-03-01 14:10:43 C:\Scan\raisoax.exe detected Trojan.Win32.VBKrypt.agqw'
m = re.search('\d{4}-\d{2}-\d{2}\s\d{2}:\d{2}:\d{2}\s(.+)\s+detected\s+(.+)', s)
print 'file: ' + m.group(1)
print 'error: ' + m.group(2)
Comments
You can use this package called "substring". Just type "pip install substring". You can get the substring by just mentioning the start and end characters/indices.
