我有这个日志
**[06/Aug/2016: 11:47:28 +0200]** [ Warning. Match of "rx \\.(jpg)$" against "REQUEST_FILENAME" required. [file "/mod_security2/modsecurity.conf"] [line "29"] [id "980"] **[msg "USER_ACTIONS_TRACKING (tablecolspan=2&CSRF_TOKEN=-4492965027555802&accessType="]**
只能提取这两个字段[06/Aug/2016: 11:47:28 +0200]和[msg.....]
新的日志行将是日期+ msg
我使用了这个规则\[.*\+/d{4}\]\[(msg).*\],但它起作用了。
你能帮我吗
提前谢谢