Working with the RegEx engine

Applies to: Microsoft Cloud App Security

This article provides instructions for using RegEx for pattern matching in Cloud App Security policies.

Regular expressions in Cloud App Security

Microsoft Cloud App Security's content inspection policies use RegEx for pattern matching. Content inspection may be applied as part of file policies.

Testing regular expressions

To test regular expressions, you can use the following websites:

Limitations of regular expressions in Cloud App Security

The following limitations are imposed on custom regular expressions:

  • The search is always case-insensitive

  • Allowed quantifiers: {n,m} where n, m < 10

  • All groups must be non-capturing, for example: (?:xxx)

    Instead of (group) use (?:group)

  • Disallowed quantifiers: *, +, {n,}

    Instead of * use {0,9}

    Instead of + use {1,9}

  • Disallowed back-references: \<number> or \k<name>

Example expressions

The following table gives you example expressions and if they would match or not.

Regular expression Data Matches
Colou?r (?:black|blue|white) Color black

Color white

Color red
Yes

Yes

No
[a-z0-9]{1,9}@[a-z0-9]{1,9}\.[a-z]{2,3} Some1@abc.com

user@host.org

@bad.com
Yes

Yes

No
20\d{2}-(?:0[1-9]|1[0-2])-(?:[0-2][0-9]|30|31) 2015-12-31

2015-01-09

1999-12-31
Yes

Yes

No
d.n't\s{0,10}c.r. Don't care

D!n'tcor0

Doesn't care
Yes

Yes

No

Check out this video!

Working with the Regex Engine

Next steps

Daily activities to protect your cloud environment

Premier customers can also create a new support request directly in the Premier Portal.