Tips for working with regular expressions
Before you work with regular expressions, review the following tips.
- For more examples of regular expressions, you can view the Context tab of the Situation Properties dialog box.
- When adding a Situation to an Inspection rule, it is often useful to select the “Excerpt” logging option. This option includes an excerpt of the traffic that the regular expression matches and also the matching position (“Excerpt position”) in the log entry. This helps in verifying that the regular expression works as expected.
- Freely available tools, such as wget, can be used for generating traffic for testing regular expressions.
- If a policy upload fails with an error message such as “Fingerprint compilation failed”, it indicates that a regular expression is too complex. In this case, the regular expression must be edited. For example, use a variable expression or an independent subexpression. If it is not possible to edit the regular expression, the regular expression can be moved to a parallel matching group.