Powershell multiline regex matching

I discovered that creating a regex to parse multi-line text data is much easier if you use a multi-line regex in a here-string. By “multi-line” I mean the regex itself spans multiple lines (not just a regex with the multi-line option enabled).

This example uses an obfucated Exchange NDR email as data. Constructing the regex is made much easier by being able to simply copy and paste text from sample data, with the line breaks in place.


$email_body = @"

Delivery has failed to these recipients or groups:

mailuser1@domain.com<mailto:mailuser1@domain.com>
The e-mail address you entered couldn't be found. Please check the recipient's e-mail address and try to resend the message. If the problem continues, please contact your helpdesk.

Diagnostic information for administrators:

Generating server: EXCH-HUB2@domain.com

mailuser1@domain.com
#550 5.1.1 RESOLVER.ADR.RecipNotFound; not found ##

Original message headers:

Received: from ironportc350-1-relay2.domain.local (192.168.31.241) by
 EXCH-HUB2@domain.com (192.168.31.144) with Microsoft SMTP Server id
 14.1.289.1; Thu, 1 Dec 2011 11:49:25 -0600
X-InternalRelay: True
Received: from APPSERVER-1.domain.local (HELO APPSERVER-1) ([192.168.31.78])
  by ironportc350-1-relay.domain.local with ESMTP; 01 Dec 2011 11:49:25 -0600
Message-ID: <1320111791.1322761765418.JavaMail.was_admin@APPSERVER-1>
From: <ESTATEMENT@DOMAIN.COM>
To: <mailuser1@domain.com>
Subject: eStatement FOR 11/30/2011
MIME-Version: 1.0
Content-Type: multipart/alternative;
        boundary="----=_Part_163496_1380733516.1322761765418"
Return-Path: ESTATEMENT@DOMAIN.COM
Date: Thu, 1 Dec 2011 11:49:25 -0600

"@

####################################################
#Exchange NDR parser
####################################################

$exchange_regex = @"
(?ms)\s*Delivery has failed to these recipients or groups:\s*
.+
Diagnostic information for administrators:

Generating server: .+

(\w+@\w+\.\w+)
#\d{3}\s+(\d\.\d\.\d)\s+([^#]+)##

Original message headers:
.+
Received:\sfrom.+
Message-ID:\s<(.+?)>
From:\s.*?<(.+?)>
To:\s.*?<(.+?)>
Subject:\s(.+)
MIME-Version.+
"@

$exchange_ndr_ht = {
    @{
    failing_addr = $matches[1]
    fail_code = $matches[2]
    fail_reason = $matches[3]
    messageid = $matches[4]
    sender = $matches[5]
    recipient = $matches[6]
    subject = $matches[7]
    }
}

$email_body -match $exchange_regex
new-object psobject -Property (&$exchange_ndr_ht)

recipient    : mailuser1@domain.com
fail_code    : 5.1.1
messageid    : 1320111791.1322761765418.JavaMail.was_admin@APPSERVER-1
subject      : eStatement FOR 11/30/2011
sender       : ESTATEMENT@DOMAIN.COM
fail_reason  : RESOLVER.ADR.RecipNotFound; not found
failing_addr : mailuser1@domain.com

Advertisements

2 responses to “Powershell multiline regex matching

  1. another great post.
    you really should create categories and tags for your posts so that search engines find them.

  2. This was perfect. I was having a lot of trouble building a multiline regex. Thank you.

    This is actually related to a conversation we were having on twitter about log reading speeds.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s