.bak file parsing using the replaceAll() method

Time: 2015-09-07 14:28:22

Tags: java regex

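I want to omit some details from the sample file. I don't want "[SID: 20068] SMB Request BO detected.  Traffic has been blocked from this application: C:\WINDOWS\system32\ntoskrnl.exe," to appear in the parsed file after I have written the file output. I have omitted the rest of the file details due to privacy and security concerns. I tried using "\" because I thought it was associated with special characters in regex functions, but it doesn't seem to work, meaning the text is still not omitted from the output file.

Sample file: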

20:02:15 SymantecServer CALVIN: teller,[SID: 20068] SMB Request BO detected.  Traffic has been blocked from this application: C:\WINDOWS\system32\ntoskrnl.exe
19:58:40 Occurrences: 1,Application: C:/WINDOWS/system32/ntoskrnl.exe,Location: Home - LAN,User: Administrator,Domain: HUMBLE

Expected output:

20:02:15 SymantecServer CALVIN: teller,(....other file details which are omitted due to privacy)
19:58:40 Occurrences: 1,Application: C:/WINDOWS/system32/ntoskrnl.exe,Location: Home - LAN,User: Administrator,Domain: HUMBLE

My code:

try {
    File file = new File(filename);
    BufferedReader reader = new BufferedReader(new FileReader(file));
    String line = "", oldtext = "";
    while ((line = reader.readLine()) != null) {
        oldtext += line + "\r\n";
    }
    reader.close();

    // replace a word in a file
    oldtext = oldtext.replaceAll("\\[SID: 20068\\] SMB Request BO detected.  Traffic has been blocked from this application: C:\\WINDOWS\\system32\\ntoskrnl.exe,Local: 192.168.28.88,", "");
    oldtext = oldtext.replaceAll("\\[SID: 21545\\] SMB Guest Login detected.  Traffic has been allowed from this application: C:\\WINDOWS\\system32\\ntoskrnl.exe,", "");
    oldtext = oldtext.replaceAll("\\[SID: 23471\\] MS SMB2 Validate Provider Callback RCE detected.  Traffic has been blocked from this application: C:\\WINDOWS\\system32\\ntoskrnl.exe,", "");
    oldtext = oldtext.replaceAll("\\[SID: 23180\\] MSRPC Server Service Buffer Overflow 2 detected.  Traffic has been blocked from this application: C:\\WINDOWS\\system32\\ntoskrnl.exe,", "");
    oldtext = oldtext.replaceAll("\"Denial of Service \"\"Ping of Death\"\" attack detected. Description:  In a Ping of Death attack, the hacker uses a packet with a size that is larger than the normal standard. When your system encounters a packet of this size, it often crashes, hangs, or reboots.\",", "");
    FileWriter writer = new FileWriter("new_bakky.bak");

    // the entire file is contained within the String 'oldtext'
    // you only need one write operation to output it
    writer.write(oldtext);
    writer.close();
} catch (IOException ioe) {
    ioe.printStackTrace();
}

0 answers:

No answers
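The following is an added example, not part of the original post: it shows why the posted `replaceAll()` pattern leaves the line untouched and three ways to strip the field. The class name, the trailing fields appended to the sample line, and the log layout assumed by `ANY_SID` are constructed for illustration; `ANY_SID` generalizes beyond the single SID in the question.

```java
import java.util.regex.Pattern;

public class BakRedactDemo {
    // Constructed sample: the page's log line with made-up trailing fields appended.
    static final String SAMPLE =
        "20:02:15 SymantecServer CALVIN: teller,[SID: 20068] SMB Request BO detected.  "
        + "Traffic has been blocked from this application: C:\\WINDOWS\\system32\\ntoskrnl.exe,"
        + "Occurrences: 1,User: Administrator\r\n";

    // The literal text to drop, exactly as it appears in the file.
    static final String LITERAL =
        "[SID: 20068] SMB Request BO detected.  Traffic has been blocked from this application: "
        + "C:\\WINDOWS\\system32\\ntoskrnl.exe,";

    // Assumed layout: any SID, any signature name, blocked or allowed,
    // and any application path up to the next comma.
    static final Pattern ANY_SID = Pattern.compile(
        "\\[SID: \\d+\\] [^,\\r\\n]*? detected\\.  Traffic has been (?:blocked|allowed) "
        + "from this application: [^,\\r\\n]*,");

    // As posted: "\\W", "\\s", "\\n" reach the regex engine as \W, \s, \n
    // (non-word character, whitespace, newline), so the path never matches.
    static String asPosted(String text) {
        return text.replaceAll("\\[SID: 20068\\] SMB Request BO detected.  Traffic has been "
            + "blocked from this application: C:\\WINDOWS\\system32\\ntoskrnl.exe,", "");
    }

    // String.replace treats its argument as plain text; no regex escaping is involved.
    static String literalReplace(String text) {
        return text.replace(LITERAL, "");
    }

    // Pattern.quote wraps the literal in \Q...\E so replaceAll matches it verbatim.
    static String quotedRegex(String text) {
        return text.replaceAll(Pattern.quote(LITERAL), "");
    }

    // One pattern for every "[SID: n] ... detected." field instead of one call per SID.
    static String anySid(String text) {
        return ANY_SID.matcher(text).replaceAll("");
    }

    public static void main(String[] args) {
        System.out.println("as posted changed text: " + !asPosted(SAMPLE).equals(SAMPLE));
        System.out.print("String.replace : " + literalReplace(SAMPLE));
        System.out.print("Pattern.quote  : " + quotedRegex(SAMPLE));
        System.out.print("any SID        : " + anySid(SAMPLE));
    }
}
```

When redacting security logs before sharing them, compare the output against the input afterwards; a pattern that silently fails to match leaves the sensitive field in the file.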