4 Mar
2023
4 Mar
'23
4:26 p.m.
Hi Grant,
the more precise alternation listing out each month.
(Jan|Feb|Mar...
For those regexp engines which test each alternative in turn, ordering
the months most-frequent first would give a slight win. :-) It really
is a rabbit hole once you start. Typically not worth entering, but it
can be fun if you like that kind of thing.
I trust that syslog will produce consistent line
beginnings more than
I trust the data that is provided to syslog. But I'd still like to be
able to detect "Jer" or "Dot" if syslog ever tosses it's
cookies.
You could develop your regexps to find lines of interest and then flip
them about, e.g. egrep's -v, to see what lines are missed and consider
if any are interesting. Repeat. But this happens at development time.
Or at run time, you can have a ‘loose’ regexp to let all expected lines
in through the door and then match with one or more ‘tight’ regexps,
baulking if none do.
There's no right answer in general.
--
Cheers, Ralph.