chapter eleven

11 Optimizing for regular expressions at scale

 

This chapter covers:

  • Where regular expressions are used in telemetry.
  • Optimizing your regular expression usage.
  • Changing your emissions to speed up regular expressions.

The best way to optimize regular expressions (regexes) at scale is to not use regular expressions at all. However, the telemetry tooling we have available sometimes doesn’t give us the option of avoiding regular expressions, and we have to deal with them anyway. This chapter is about making the regexes you must use perform the best they can. Much like in programming, regexes are used for two reasons in a telemetry pipeline:

  • Control program flow. If a string matches a regex, do something, such as attempt parsing a certain way.
  • Extract fields from strings. Using regex capture expressions to add fields to telemetry being processed, known as enrichment (see chapter 6 for more on enrichment in general).
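Both uses can be seen in a single pipeline stage. The following Python sketch is an added example, not code from the book: the log lines are constructed samples, and the function and field names (`enrich`, `parser`, `src_ip`, and so on) are assumptions chosen for illustration.

```python
import re

# Constructed sample lines (illustrative only, not taken from the book).
SAMPLE_LINES = [
    "sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 52144 ssh2",
    "sshd[811]: Accepted publickey for deploy from 198.51.100.23 port 40022 ssh2",
    'nginx: 198.51.100.9 "GET /health" 200 12',
    "sshd[811]: Connection closed by 203.0.113.7",
    "cron[77]: job finished",
]

# Use 1, control flow: a short pattern decides which parser to attempt.
IS_SSHD = re.compile(r"sshd\[\d+\]: ")
IS_NGINX = re.compile(r"nginx: ")

# Use 2, extraction: named capture groups become fields on the event.
SSHD_AUTH = re.compile(
    r"sshd\[(?P<pid>\d+)\]: (?P<outcome>Failed|Accepted) (?P<method>\w+) "
    r"for (?:invalid user )?(?P<user>\S+) from (?P<src_ip>\S+) port (?P<src_port>\d+)"
)
NGINX_REQ = re.compile(
    r'nginx: (?P<src_ip>\S+) "(?P<verb>[A-Z]+) (?P<path>\S+)" '
    r"(?P<status>\d{3}) (?P<bytes>\d+)"
)

def enrich(line):
    """Route one line to a parser, then add any captured fields to the event."""
    event = {"message": line, "parser": "none", "parsed": False}
    # re.match() only tries the pattern at the start of the string.
    if IS_SSHD.match(line):
        event["parser"] = "sshd"
        m = SSHD_AUTH.match(line)
    elif IS_NGINX.match(line):
        event["parser"] = "nginx"
        m = NGINX_REQ.match(line)
    else:
        m = None  # no route matched, so the event passes through unchanged
    if m:
        event.update(m.groupdict())  # enrichment: capture groups become fields
        event["parsed"] = True
    return event

if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        print(enrich(sample))
```

The fourth sample line is routed to the sshd parser but matches no extraction pattern, so it keeps `parsed` set to `False`, which gives a downstream stage something to count or alert on.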

11.1  Anchoring expressions for speed

11.2  Building expressions to fail fast

11.3  Digging into the Cisco ASA firewall telemetry

11.4  Refining emissions to speed up expression performance

11.5  Additional regular expression resources

11.6  Summary