A regular expression represents a pattern-matching rule for identifying content in a file. Several types of controls require users to enter one or more regular expressions when setting the default expected value for a control. The default expected value may be set when creating user-defined controls and when editing control values in a compliance policy. Users must also enter a regular expression when defining the scan parameters for a custom Unix File Content Check.
The compliance module implements Perl Compatible Regular Expressions (PCRE) following the PCRE standard. For information on this standard, go to http://www.pcre.org/. For information on building proper regular expressions for controls using this standard, go to http://perldoc.perl.org/perlre.html. Note that users should escape special characters in PCRE regular expressions for string matching to occur correctly:
( ) [ ] | ^ $ -
For example, to match the string "(cs" you must enter "\(cs" (add backslash before the special character).
Here is a quick reference to standard regular expression symbols and their meanings.
symbol |
NAME |
DESCRIPTION |
\ |
backslash |
Turn off the special meaning of the next character, as in \^. |
. |
period |
Match a single character of any value, except end of line. |
^ |
carat |
Match the start of the line, as in ^A. |
$ |
dollar sign |
Match the end of the line, as in A$. |
| |
pipe |
Match either the regular expression preceding it or the regular expression following it. |
[] |
square brackets |
Match any single character from within the bracketed list, as in [abcde]. Use a hyphen (-) for a range, as in [0-9]. Within square brackets, most characters are interpreted literally. |
[^] |
carat enclosed in square brackets |
Match any single character except those within the bracketed list, as in [^0-9]. |
() |
parentheses |
Group one or more regular expressions to establish a logical regular expression consisting of sub-regular expressions. Used to override the standard precedence of specific operators. |
! |
exclamation point |
Do not match the next character or regular expression. |
? |
question mark |
Match 0 or 1 time. |
* |
asterisk |
Match 0 or more times. |
+ |
plus |
Match 1 or more times. |
{n} |
n enclosed in braces |
Match exactly n times. |
{n,} |
n, enclosed in braces |
Match n or more times. |
{,n} |
,n enclosed in braces |
Match n or fewer times. |
{n,m} |
n,m enclosed in braces |
Match at least n times but not more than m times. |