- DotW: URL Wildcard Pattern
- Using Wildcards in URL Filtering Profiles
- Syntax for Regular Expression Data Patterns
- What Is URL Filtering?
- Objects > Custom Objects > Data Patterns
Using Wildcards in URL Filtering Profiles
EN Location. Download PDF. Last Updated:. Current Version:. Syntax for Regular Expression Data Patterns. When you create a regular expression data pattern, the following general requirements apply:. The pattern must have a string of at least 7 bytes with fixed values. The 7 bytes cannot contain a period. When you require that values be case-sensitive, define patterns for all possible strings to match all variations of a term. Pattern Rules Syntax. Match any single character. Match the preceding character or expression 0 or 1 time. You must include the general expression inside parentheses. Match the preceding character or expression 0 or more times. Match the preceding character or regular expression one or more times. You must include alternative substrings in parentheses. Example: [c-z] matches any character between c and z inclusive. Match any specified character. Example: [abz] matches any of the characters a, b, or z. Match any character except those specified. Match a string that contains minimum and maximum. You must specify this directly in front of a fixed string and you can use only hyphens. Perform a literal match on any character above. Recommended videos not found. All rights reserved. Example: abc? Specify a range.
Syntax for Regular Expression Data Patterns
EN Location. Download PDF. Last Updated:. Current Version:. Syslog Filters. The User-ID agent uses Syslog Parse profiles to filter syslog messages sent from the syslog senders that the agent monitors for IP address-to-username mapping information see Configure Access to Monitored Servers. Each profile can parse syslog messages for either of the following event types, but not both:. Authentication login events—Used to add user mappings to the firewall. Logout events—Used to delete user mappings that are no longer current. Deleting outdated mappings is useful in environments where IP address assignments change often. The predefined profiles are global to the firewall, whereas the custom profiles you configure apply only to the virtual system Location. Syslog messages must meet the following criteria for a User-ID agent to parse them:. Each message must be a single-line text string. The maximum size for individual messages is 2, bytes. A single packet might contain multiple messages. To configure a custom profile, click Add. The complete procedure to configure the User-ID agent to parse a syslog sender for user mapping information requires additional tasks besides creating a Syslog Parse profile. Syslog Parse Profile. Enter a name for the profile up to 63 alphanumeric characters. Enter a description for the profile up to alphanumeric characters. Specify the type of parsing for filtering the user mapping information:. Regex Identifier. Field Identifier. The remaining fields in the dialog vary based on your selection. Configure the fields as described in the following rows. Event Regex. Enter the regex for identifying successful authentication or logout events. Username Regex. Enter the regex for identifying the username field in authentication success or logout messages. Address Regex. Enter the regex to identify the IP address portion of authentication success or logout messages. Event String.
What Is URL Filtering?