Regular Expression Tester

About this tool

This regex tester runs regular expressions against test input directly in your browser and displays every match, its position, and all captured groups. It uses JavaScript's native RegExp engine with full support for flags, named groups, and lookaheads. Useful for developers building input validation, log parsers, ETL pipelines, and security detection rules who need to iterate quickly before committing a pattern to code.

Real example

Pattern: [A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,} with flags: g

Test input: Contact security@onlinedevtools.app and hello@example.org

Results:
Match 1: "security@onlinedevtools.app" @ position 8
Match 2: "hello@example.org" @ position 42

The g flag is what makes the engine find all matches instead of stopping at the first. Without it, only Match 1 would be returned.

Flags reference

• g - Global: find all matches, not just the first.
• i - Case-insensitive: Hello matches hello, HELLO, etc.
• m - Multiline: ^ and $ match start/end of each line, not just the full string.
• s - Dotall: makes . match newline characters as well as other characters.
• gm - The most common combination for log parsing - global match across all lines.

Common use cases

• Input validation: Prototype email, phone, UUID, and URL validation patterns before wiring them into form validation or an API schema.
• Log parsing and ETL pipelines: Extract structured fields from unstructured log lines. Test patterns against real log samples before deploying to a production parser.
• Security detection rules: Draft and test regex-based SIEM detection patterns against example log events. Verify the pattern does not produce false positives on benign lines.
• Capture group debugging: When using named or numbered capture groups for extraction, this tool shows exactly what each group matched so you can tune the pattern without trial-and-error in your codebase.

How it works

The pattern and flags are passed directly to JavaScript's new RegExp(pattern, flags). The engine then calls re.exec(input) in a loop (for global patterns) until no more matches are found or the 5,000-match safety limit is reached. Each match object exposes the full match string, its index in the input, and any captured groups (numbered or named). All processing happens in your browser.

Common mistakes

• Forgetting to escape backslashes: In the pattern input field, \d means a digit. But in many languages' string literals, you need \\d because the backslash itself must be escaped. Test your unescaped pattern here, then double-escape when embedding in source code.
• Greedy vs lazy quantifiers: .* is greedy - it matches as much as possible. .* is lazy - it matches as little as possible. For extracting content between tags or delimiters, the lazy version is almost always what you want.
• Missing the multiline flag for log lines: Without m, anchors ^ and $ only match the very start and end of the entire input string. Add m when working with multi-line text to anchor to individual lines.

FAQ

Does this support named capture groups
Yes. JavaScript's RegExp supports named groups with (<name>...) syntax. The group name and its matched value will appear in the output alongside the numbered groups.

Why does my pattern work here but not in Python
JavaScript and Python regex engines are mostly compatible but differ in a few areas - notably, Python does not support JavaScript's y (sticky) flag, and the two engines handle some Unicode categories differently. Test in the language you are actually deploying to when exact matching matters.

Is there a match limit
Yes - the tool stops after 5,000 matches to prevent browser hangs. For patterns expected to produce millions of matches, run them server-side.

Is my text or pattern sent anywhere
No. Regex processing runs entirely in your browser using JavaScript's native RegExp engine.

JavaScript regex syntax reference

This tester uses JavaScript's RegExp engine. Most regex syntax is consistent across languages, but JavaScript has a few specific behaviors worth knowing when your pattern will also run in Python, Go, or another backend language.

Flags: g (global — find all matches, not just the first), i (case-insensitive), m (multiline — ^ and $ match line boundaries, not just string boundaries), s (dotAll — . matches newlines), u (Unicode mode — enables full Unicode property escapes and correct handling of surrogate pairs), d (indices — captures include start/end positions). Combining flags: /pattern/gim.

Lookahead and lookbehind: (?=...) is positive lookahead (match position followed by pattern), (?!...) is negative lookahead, (?<=...) is positive lookbehind, (?<!...) is negative lookbehind. Lookbehind support was added in ES2018 and is available in all modern browsers. Python supports all four; Go's RE2 engine does not support lookbehind.

Named capture groups: (?<name>...) captures into a named group. In JavaScript, named groups are accessible in match results via groups.name. Python uses the same syntax. Named groups make complex patterns self-documenting and are safer than positional references when patterns evolve.

Character classes: \d matches ASCII digits (0-9) in JavaScript without the u flag; \w matches [A-Za-z0-9_]. In Unicode mode (u flag), \d still only matches ASCII digits — use \p{Decimal_Number} with the u flag for Unicode digit matching. \p{Letter}, \p{Script=Latin}, and similar Unicode property escapes require the u flag.

Practical regex patterns for common tasks

IPv4 address: (?:(?:25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(?:25[0-5]|2[0-4]\d|[01]?\d\d?) — matches valid octets 0-255. The simple \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} is shorter but matches invalid addresses like 999.999.999.999.

ISO 8601 datetime: \d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}(?:\.\d+)?(?:Z|[+-]\d{2}:?\d{2})? — matches common timestamp formats in logs and API responses without being overly strict about separators.

Extract log level: (?:ERROR|WARN|INFO|DEBUG|FATAL) with the i flag — matches any case variation. Combine with ^.*?(?:ERROR|WARN).*$ and the gm flags to extract all warning and error lines from a log block.

UUID v4: [0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12} — the 4 in the third group and [89ab] in the fourth enforce the version and variant bits. Use the i flag for case-insensitive matching.

For log analysis with regex, see Log Explorer. For URL component extraction, URL Parser handles encoding automatically. For generating UUIDs to test against your UUID regex, use UUID Generator.