-1

I'm attempting to teach myself regex and I have a question concerning two different methods for capturing the HTTP status code (301) in the below fake apache access log. I realize that this regex would only capture the status code in this one single message, but it's just a proof of concept.

11.22.33.44 - - [17/Aug/2019:11:24:01 -0400] "GET /posts/posts/explore HTTP/1.0" 301 5024 "http://www.someurl.blah/faq.php" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_12_5) AppleWebKit/5310 (KHTML, like Gecko) Chrome/29.0.801.0 Safari/5310"

So I could do this using read ahead and look behind to make a full match:

(?<=HTTP\/1.0"\s)(301)(?=\s5024)

Or I could just capture the status code in a group:

HTTP\/1.0"\s(?<status_code>301)

I'm a total noob here, but it just seems like it would be easier to capture "in between" type strings as groups as in the second example. I'm just having a disconnect understanding why I wouldn't always just capture by group. I hope this makes sense.

Jay Schwegler
  • 125
  • 1
  • 5
  • So your question is... "Why wouldn't I always capture by group?" Can your question be articulated in such a way that there is an actual answer rather than just preference? Obviously there are many ways to define what captures and what does not. You can use non-capturing groups, capturing groups, explicit and implicit capture, etc. So what's the actual question? – Wyck Aug 19 '19 at 02:59

2 Answers2

0

Your expression is just fine, and you can get 301 without the capturing groups:

(?i)(?<=http\/1\.0"\s)301(?=\s[0-9]{4})

or with capturing groups. Sometimes, you'd want the full match to return exactly what you want without a second call to other capturing groups, and sometimes it doesn't really matter.

If you wish to explore/simplify/modify the expression, it's been explained on the top right panel of regex101.com. If you'd like, you can also watch in this link, how it would match against some sample inputs.

Emma
  • 27,428
  • 11
  • 44
  • 69
0

According to regex101

Toto
  • 89,455
  • 62
  • 89
  • 125