What does the HTTP Request Log Line regex match?

Extracts key fields from a structured HTTP request log: method, path, status code, and duration.

Is the HTTP Request Log Line regex ReDoS-safe?

Yes. Manually audited and tested against ReDoS attack strings. Anchors and possessive-style constraints prevent runaway backtracking paths.

Dev & Systems/Log Parsing

Verified Safe

HTTP Request Log Line Regex for Python

/^(?:(?!FETCH)(?:GET|POST|PUT|DELETE|PATCH|HEAD|OPTIONS) [^\s]+ [0-9]{3}(?: [0-9]+ms| elapsed=[0-9]+ms)?|method=[A-Z]+ path=[^\s]+ status=[0-9]{3} duration=[0-9]+ms)$/i

What this pattern does

This page provides a comprehensive, battle-tested regular expression for matching http request log line, ported and verified for Python. A rigorously tested regex reduces debugging time and protects your application from edge-case failures. The snippet below is ready to drop into your Python project — whether you're validating in a Django view, a FastAPI endpoint, or a standalone data processing script.

Python Implementation

Python

# HTTP Request Log Line
# ReDoS-safe | RegexVault — Dev & Systems > Log Parsing

import re

http_request_log_line_pattern = re.compile(r'^(?:(?!FETCH)(?:GET|POST|PUT|DELETE|PATCH|HEAD|OPTIONS) [^\s]+ [0-9]{3}(?: [0-9]+ms| elapsed=[0-9]+ms)?|method=[A-Z]+ path=[^\s]+ status=[0-9]{3} duration=[0-9]+ms)$')

def validate_http_request_log_line(value: str) -> bool:
    return bool(http_request_log_line_pattern.fullmatch(value))

# Example
print(validate_http_request_log_line("GET /api/users 200 125ms"))  # True

Test Cases

Matches (Valid)	Rejects (Invalid)
`GET /api/users 200 125ms`	`FETCH /api 200`
`method=POST path=/api/login status=401 duration=50ms`	`not a request log`
`PUT /api/resource/123 204`	`GET 200`
`DELETE /api/item/42 200 elapsed=10ms`	`invalid method /path 200`

When to use this pattern

This pattern is drawn from the Dev & Systems > Log Parsing category and carries a ReDoS-safe certification. That matters for Python developers because particularly important in Python web servers where CPU-bound regex operations can stall concurrent request handling. RegexVault audits patterns against known backtracking attack vectors, ensuring you have the necessary context before using this regex in a high-stakes production environment.

Common Pitfalls

Different observability stacks emit different log formats. This pattern covers common variants but a dedicated log parsing library is more reliable for production observability pipelines.

Technical Notes

Groups: 1=HTTP method, 2=path, 3=status code, 4=duration (optional). The pattern is flexible on surrounding key=value formatting to handle multiple log styles.

Have a pattern that belongs in the vault?

Submit it for review — community-verified patterns get credited to your GitHub handle. Free submissions join the queue. Priority review available for $15.

Submit a Pattern