我有一个解析部分信息进行argv[]
的PHP脚本,但我有点困惑,如何获取信息了一长串。我只是想[msg "something something"]
&[uri "something something"]
感谢很多提前的帮助
刺:
[星期三2月6日8点57分54秒2019] [错误] [客户端123.123.123.123]的ModSecurity:访问被拒绝的代码403(阶段2)。操作EQ以REQUEST_HEADERS匹配0。 [文件 “/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf”] [线 “47”] [ID “960015”] [REV “1”] [MSG “请求中缺少的Accept报头”] [严重性“注意 “] [版本 ”OWASP_CRS / 2.2.6“] [成熟 ”9“] [准确性 ”9“] [标签 ”OWASP_CRS / PROTOCOL_VIOLATION / MISSING_HEADER_ACCEPT“] [标签 ”WASCTC / WASC-21“] [标签” OWASP_TOP_10 / A7" ] [标签 “PCI / 6.5.10”] [主机名 “something.net”] [URI “/index.php/admin/”] [UNIQUE_ID “XFsEAsDzZbMAAGY5i5oAAAAA”]
看来你是个老成员,但有关How to ask a help/question on stackoverflow这就是为什么我在回答你的问题,但是从今天开始,请试着问任何形式的帮助,在此之前遵循的规则不是很熟悉。
你可以用正则表达式模式匹配类似如下─REGEX尝试
<?php
$re = '`\[(msg|uri) "(.*?)"\]`mi';
$str = '[Wed Feb 06 08:57:54 2019] [error] [client 123.123.123.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "1"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "9"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "something.net"] [uri "/index.php/admin/"] [unique_id "XFsEAsDzZbMAAGY5i5oAAAAA"]';
preg_match_all($re, $str, $matches, PREG_SET_ORDER, 0);
// matches contains all full match, partial match, so you can use any index to get that values e.g match[0] contains [uri "/index.php/admin/"]
//print_r($matches); // see what is full match, partial match etc
foreach($matches as $match){
$expected[] = $match[2];
}
print_r($expected);
?>
输出:
Array (
[0] => Request Missing an Accept Header
[1] => /index.php/admin/
)
但是:四联zxsw POI
通过使用正则表达式广泛,你可以一次提取所有的标签信息。然后,您可以使用https://3v4l.org/HJ2uB能够制造标签索引值的数组:
array_combine
输出:
preg_match_all('/\[([a-z_]+)\s*([^]]*)\]/', $string, $matches);
$output = array_combine($matches[1], $matches[2]);
如果你不想让身边的值,使用Array (
[error] =>
[client] => 123.123.123.123
[file] => "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf"
[line] => "47"
[id] => "960015"
[rev] => "1"
[msg] => "Request Missing an Accept Header"
[severity] => "NOTICE"
[ver] => "OWASP_CRS/2.2.6"
[maturity] => "9"
[accuracy] => "9"
[tag] => "PCI/6.5.10"
[hostname] => "something.net"
[uri] => "/index.php/admin/"
[unique_id] => "XFsEAsDzZbMAAGY5i5oAAAAA"
)
和array_map
报价:
trim
输出:
$output = array_map(function ($v) { return trim($v, '"'); }, $output);
Array (
[error] =>
[client] => 123.123.123.123
[file] => /etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf
[line] => 47
[id] => 960015
[rev] => 1
[msg] => Request Missing an Accept Header
[severity] => NOTICE
[ver] => OWASP_CRS/2.2.6
[maturity] => 9
[accuracy] => 9
[tag] => PCI/6.5.10
[hostname] => something.net
[uri] => /index.php/admin/
[unique_id] => XFsEAsDzZbMAAGY5i5oAAAAA
)