获得2件信息的一个字符串的

问题描述 投票:-2回答:2

我有一个解析部分信息进行argv[]的PHP脚本,但我有点困惑,如何获取信息了一长串。我只是想[msg "something something"][uri "something something"]

感谢很多提前的帮助

刺:

[星期三2月6日8点57分54秒2019] [错误] [客户端123.123.123.123]的ModSecurity:访问被拒绝的代码403(阶段2)。操作EQ以REQUEST_HEADERS匹配0。 [文件 “/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf”] [线 “47”] [ID “960015”] [REV “1”] [MSG “请求中缺少的Accept报头”] [严重性“注意 “] [版本 ”OWASP_CRS / 2.2.6“] [成熟 ”9“] [准确性 ”9“] [标签 ”OWASP_CRS / PROTOCOL_VIOLATION / MISSING_HEADER_ACCEPT“] [标签 ”WASCTC / WASC-21“] [标签” OWASP_TOP_10 / A7" ] [标签 “PCI / 6.5.10”] [主机名 “something.net”] [URI “/index.php/admin/”] [UNIQUE_ID “XFsEAsDzZbMAAGY5i5oAAAAA”]

php
2个回答
1
投票

看来你是个老成员,但有关How to ask a help/question on stackoverflow这就是为什么我在回答你的问题,但是从今天开始,请试着问任何形式的帮助,在此之前遵循的规则不是很熟悉。

你可以用正则表达式模式匹配类似如下─REGEX尝试

<?php
$re = '`\[(msg|uri) "(.*?)"\]`mi';
$str = '[Wed Feb 06 08:57:54 2019] [error] [client 123.123.123.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "1"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "something.net"] [uri "/index.php/admin/"] [unique_id "XFsEAsDzZbMAAGY5i5oAAAAA"]';

preg_match_all($re, $str, $matches, PREG_SET_ORDER, 0);

// matches contains all full match, partial match, so you can use any index to get that values e.g match[0] contains [uri "/index.php/admin/"]
//print_r($matches); // see what is full match, partial match etc
foreach($matches as $match){
    $expected[] = $match[2];
}
print_r($expected);
?>

输出:

Array ( 
    [0] => Request Missing an Accept Header 
    [1] => /index.php/admin/ 
)

但是:四联zxsw POI


2
投票

通过使用正则表达式广泛,你可以一次提取所有的标签信息。然后,您可以使用https://3v4l.org/HJ2uB能够制造标签索引值的数组:

array_combine

输出:

preg_match_all('/\[([a-z_]+)\s*([^]]*)\]/', $string, $matches);
$output = array_combine($matches[1], $matches[2]);

如果你不想让身边的值,使用Array ( [error] => [client] => 123.123.123.123 [file] => "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf" [line] => "47" [id] => "960015" [rev] => "1" [msg] => "Request Missing an Accept Header" [severity] => "NOTICE" [ver] => "OWASP_CRS/2.2.6" [maturity] => "9" [accuracy] => "9" [tag] => "PCI/6.5.10" [hostname] => "something.net" [uri] => "/index.php/admin/" [unique_id] => "XFsEAsDzZbMAAGY5i5oAAAAA" ) array_map报价:

trim

输出:

$output = array_map(function ($v) { return trim($v, '"'); }, $output);

Array ( [error] => [client] => 123.123.123.123 [file] => /etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf [line] => 47 [id] => 960015 [rev] => 1 [msg] => Request Missing an Accept Header [severity] => NOTICE [ver] => OWASP_CRS/2.2.6 [maturity] => 9 [accuracy] => 9 [tag] => PCI/6.5.10 [hostname] => something.net [uri] => /index.php/admin/ [unique_id] => XFsEAsDzZbMAAGY5i5oAAAAA )

© www.soinside.com 2019 - 2024. All rights reserved.