I’m having a problem with RegEx. Every time I think I have it down the parameters of what i need to do change and I’m reminded how much RegEx can hurt your brain!

What I am currently trying to do is extract a certain string of an unknown length from a big text file. It’s an event security log from a 3rd party to be exact. for most (if not all) I know the text before and after my string. Here is an example of what I need to look for
Subject.Account_Name: SourceUserName Subject.Account_Domain: CORP

From that string I need to extract SourceUserName That will change for each line.

I have multiple logs that i need to parse through and for the most part know the beginning and ending string.
Can anybody help with the RegEx search OR if there is a suggestion on a better way to do this i am open.

The regex is the easiest part I think:

'Subject.Account_Name: SourceUserName Subject.Account_Domain: CORP' -match 'Subject\.Account_Name:\s+(.+)\s+Subject\.Account_Domain:\s+CORP'
$Matches[1]

For the rest you should do a foreach loop and do whatever you need to do with the results.
If you have some trouble with your code you can come back and we’re gona help you.

Something akin to:

 ls c:\temp\searchfolder -recurse | Select-String "google" | Select Path, LineNumber | Format-List OR $Regex = "\b\D*([\d]{1,}).*\b"

Perhaps this may help? RegEx Searches I’m no expert but I seen the question figured I’d try run through some oddball searches of google in hopes of helping.

I recommend using the switch statement as it can be more efficient compared to Get-Content depending on the size and number of log files.

$logs = Get-ChildItem \path\to\logfiles\logs*
$strings = foreach ($log in $logs){
switch -Regex -File $log{
'Account_Name: (.*) Subject' {$Matches[1]}
}}
$strings