Fixed regex

go/detectparser/fortigate_dhcp.go

@@ -6,34 +6,39 @@ import (
 	"github.com/inverse-inc/go-utils/sharedutils"
 )
 
-var fortiGateDhcpRegexPattern1 = regexp.MustCompile(`\s+`)
-var fortiGateDhcpRegexPattern2 = regexp.MustCompile(`\=`)
+var fortiGateDhcpRegexPattern1 = regexp.MustCompile(`(\w+)="([^"]*)"|(\w+)=([^\s]+)`)
 
 type FortiGateDhcpParser struct {
 	Pattern1, Pattern2 *regexp.Regexp
 	parser
 }
 
 func (s *FortiGateDhcpParser) Parse(line string) ([]ApiCall, error) {
-	matches := s.Pattern1.Split(line, -1)
+	matches := s.Pattern1.FindAllStringSubmatch(line, -1)
 	var mac, ip, lease, hostname, ack string
 	var err error
-	for _, str := range matches {
-		args := s.Pattern2.Split(str, 2)
-		if len(args) <= 1 {
-			continue
+
+	attributes := make(map[string]string)
+
+	for _, match := range matches {
+		if match[1] != "" {
+			attributes[match[1]] = match[2]
+		} else {
+			attributes[match[3]] = match[4]
 		}
+	}
 
-		if args[0] == "mac" {
-			mac = args[1]
-		} else if args[0] == "ip" {
-			ip = args[1]
-		} else if args[0] == "lease" {
-			lease = args[1]
-		} else if args[0] == "hostname" {
-			hostname = args[1]
-		} else if args[0] == "dhcp_msg" {
-			ack = args[1]
+	for key, value := range attributes {
+		if key == "mac" {
+			mac = value
+		} else if key == "ip" {
+			ip = value
+		} else if key == "lease" {
+			lease = value
+		} else if key == "hostname" {
+			hostname = value
+		} else if key == "dhcp_msg" {
+			ack = value
 		}
 	}
 
@@ -73,7 +78,6 @@ func (s *FortiGateDhcpParser) Parse(line string) ([]ApiCall, error) {
 func NewFortiGateDhcpParser(config *PfdetectConfig) (Parser, error) {
 	return &FortiGateDhcpParser{
 		Pattern1: fortiGateDhcpRegexPattern1,
-		Pattern2: fortiGateDhcpRegexPattern2,
 		parser:   setupParser(config),
 	}, nil
 }