Users can employ regular expressions within their searches to quickly retrieve important log events. Please see this page for more information about the regex capabilities we support.
A customer (B.Z.) inquired whether boundary expressions (
\b) are supported. Since they aren't, B.Z. devised this clever workaround for extracting patterns which match US phone numbers. In the spirit of knowledge sharing and continuous learning, B.Z. shared this solution and requested that we add it to our Knowledge Base articles.
The following solution employs our shorthand notation of
$"regex" and works when applied to a variety of different data sources:
And now for the breakdown:
Match one of the three US phone number prefixes, when formatted as:
- 1 followed by a sequence of three numbers, or
- A non-numerical character, followed by a sequence of three numbers, or
- A sequence of 3 numbers
Discard 0 or 1 of the following:
- A single hyphen, or
- A closing parenthesis, followed by a space,
- A closing parenthesis, or
- A period
Match a sequence of 3 numbers. Ignore 0 or 1 instances of a hyphen or period, then match sequence of 4 numbers
Discard a single non-numeric character (or null) suffix to string
The regular expression provided above will match a variety of 10-number sequences with delimiters. Although this example was designed to fulfill a particular need, it serves as an example of the versatility (and speed) of Scalyr searches when used in conjunction with regular expressions. Due to the flexibility of this regexp, it may return false positives (depending on the data it is analyzing). For example, the following patterns (in lime green) are matched:
- 123) 456-7890
Consequently, we recommend being specific when defining searches to improve the relevance of your results. Happy searching!