matches#
The matches() function checks if a given value matches a wildcard pattern.
Syntax#
matches(value, pattern)
Parameters#
value: The value to check (field name, bytes)pattern: The wildcard pattern to match against (literal bytes)
Wildcard Symbols#
*: Matches any number of characters!: At the beginning of the pattern negates the match
Return Value#
Returns a boolean value: true if the value matches the pattern, false otherwise.
Example#
matches(http.request.uri, "*/admin/*") // Checks if the URI contains "/admin/"
matches(http.user_agent, "!*bot*") // Checks if the User-Agent does not contain "bot"
Use Cases#
- Filtering requests based on URL patterns
- Identifying specific user agents or bot traffic
- Matching against custom header values