> Dec 18 10:04:45 dragon logger: TCPWRAP: SERVICE=sshd@::ffff:192.168.0.1 > ,TYPE=ALL_DENY,HOST_ADDRESS=::ffff:195.145.94.75,HOST_INFO=::ffff: > 195.145.94.75,HOST_NAME=unknown,USER_NAME=unknown,OTHERINFO=
Hi Will, Observation: the output above looks comma delimited, at least the stuff after the 'TCPWRAP:' part. > self.twist_fail_re = > rc('SERVICE=\S*\sHOST_ADDRESS=\S*\sHOST_INFO=\S*\sHOST_NAME=\S*\sUSER_NAME=\S*\s') The line given as example doesn't appear to have whitespace in the places that the regular expression expects. It does contain commas as delimiters between the key/value pairs encoded in the line. There's more information on regular expressions here: http://www.amk.ca/python/howto/regex/ that should help you get started. As an aside: the structure of the log line above is simple enough that you might not even need regexes --- regular string methods might just be powerful enough. For example, strings have a 'split()' method to break a string into a list of substrings: ###### >>> 'hello,world,this,is,a,test'.split(",") ['hello', 'world', 'this', 'is', 'a', 'test'] ###### If you have more questions, please feel free to ask. _______________________________________________ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor