First of all, English is not mu native language, so if I make a mistake don't shoot me. :) Here's my problem: when I use every thing works fine, as soon as there is a port number or a comma direct after the IP-address is involved, it never has a match.
Here is a snippit from the logfile:
[08/Apr/2023 17:48:27] SMTP Spam attack detected from 91.223.169.83:60616, client sent data before SMTP greeting
In the above snippit you see the ip-address followed by colon, the port number and a comma. If I use < HOST > it doesn't match because (IMHO) of the colon, port number and comma. How do I construct a regex so that it matches only the IP-address?
Sometimes it's also like 1.2.3.4, so a comma following the IP-address.
Thanks in advance for your help. Storm