Regular Expression Syntax

LogScale's regular expression functionality is built on the JitRex engine and shares similar syntax with common regex implementations like Perl, JavaScript, and re2, though some operations are adapted specifically for CrowdStrike Query Language (CQL). The documentation covers supported regex patterns, query functions, and provides detailed comparisons between LogScale's regex implementation and other popular environments including JavaScript, PCRE, and re2.

The regular expression parser within LogScale is based on the JitRex regular expression engine which was part of the Jint programming language (see Jint Programming Language).

The engine works with very similar syntax to other regular expression engines such as those included with scripting languages like Perl, JavaScript or Google's re2 engine.

Due to the nature of querying within the CrowdStrike Query Language (CQL), certain regular expression operations have to be performed in a slightly different way (for example, named groups), but otherwise the syntax will be familiar to users of most regular expression environments.

For more information on the regular expression support within LogScale:

For information on the supported regular expression syntax, see Regular Expression Syntax Patterns.
For a list of related regular expression functions, see Regular Expression Query Functions.
For a comparison between the LogScale regex syntax and other environments, see:

Data Analysis Overview

LogScale User Interface

Repositories & Views

Parsing Data

Searching Data

Writing Queries

Query Language Syntax

Query Functions

Dashboards & Widgets

Automation

Template Language

Keyboard Shortcuts

Regular Expression Syntax

Other articles on this topic

Similar Content

Related KB Articles

Related Query Examples

Enter search term