use strict;

my $data = "Aug 21 19:00:36 [1.1.1.3.200.125] 410381: Aug 21 23:00:35 UTC: %SEC-6-IPACCESSLOGP: list 101 denied tcp 10.161.24.153(3988) -> 10.158.24.10(135), 1 packet";

my $timestamp = qr/[A-Z][a-z]+ \d\d \d\d:\d\d:\d\d/;
my $address   = qr/[\.\d]+/;
my $id        = qr/\d+/;
my $timezone  = qr/[A-Z]+/;


#print $data;
$data =~ /($timestamp) \[($address)\] ($id): ($timestamp) ($timezone): (.*?): (.*?) (tcp|icmp|udp) ($address\(.*?\)) -> ($address\(.*?\)), (.*)/;
print "time: $1\n",
      "address: $2\n",
      "id: $3\n",
      "time2: $4\n",
      "time zone: $5\n",
      "error: $6\n",
      "msg: $7\n",
      "protocol: $8\n",
      "address1: $9\n",
      "address2: $10\n",
      "last: $11\n";
1;