Your regexen look reasonable enough to me. One way to keep your code a little cleaner when you have more than a couple of captures is with the use of the /x modifier and the new-ish named captures:

#!/usr/bin/env perl

use 5.014;
use warnings;

$_ = <DATA>; chomp;

/^  (?<mon>\w+)\s(?<dd>\d\d)
 \s (?<time>..:..:..) # could capture hh:mm:ss separately if need be
 \s (?<src>\d+\.\d+\.\d+\.\d+)
 # keep going with your sub-expressions
/x;

say "time: $+{time}  src: $+{src}";

__DATA__
May 20 18:57:27 1.23.25.5 %ASA-6-106100 a6 [local4.info] access-list M
+yaccess-Block permitted tcp outside/10.31.0.9(3803) -> inside/10.29.1
+0.91(4127) hit-cnt 1 300-second interval [0xa178b29d, 0x0]
[download]

Edit: I note you match dotted-quad IP addresses frequently. If it helps, you can throw that pattern in a variable for re-use:

    my $IP_ADDR = qr/\d+\.\d+\.\d+\.\d+/;
    /...(?<src>$IP_ADDR).../
[download]

As rjt says, there’s nothing wrong with using a straight regex approach. However, in the spirit of TMTOWTDI, here’s a different approach which begins by dividing the line into word-like chunks:

#! perl
use strict;
use warnings;

my $string = 'May 20 18:57:27 1.23.25.5 %ASA-6-106100 a6 [local4.info]
+ access-list Myaccess-Block permitted tcp outside/10.31.0.9(3803) -> 
+inside/10.29.10.91(4127) hit-cnt 1 300-second interval [0xa178b29d, 0
+x0]';
   @ARGV   = split /\s+/, $string;
printf "Time:                  %s\n", join ' ', (shift, shift, shift);
printf "Source Firewall:       %s\n", shift;
shift for 1 .. 4;
printf "Source ACL:            %s\n", shift;
printf "Action:                %s\n", shift;
printf "Protocol:              %s\n", shift;
shift =~ m! (.+) / (.+) \( (\d+) \) !x;
printf "Source Interface:      %s\n", $1;
printf "Source IP:             %s\n", $2;
printf "Source Port:           %s\n", $3;
shift;
shift =~ m! (.+) / (.+) \( (\d+) \) !x;
printf "Destination Interface: %s\n", $1;
printf "Destination IP:        %s\n", $2;
printf "Destination Port:      %s\n", $3;
shift for 1 .. 4;
shift =~ m! \[ (.+) , !x;
printf "Rule:                  %s\n", $1;
[download]

Output:

12:39 >perl 626_SoPW.pl
Time:                  May 20 18:57:27
Source Firewall:       1.23.25.5
Source ACL:            Myaccess-Block
Action:                permitted
Protocol:              tcp
Source Interface:      outside
Source IP:             10.31.0.9
Source Port:           3803
Destination Interface: inside
Destination IP:        10.29.10.91
Destination Port:      4127
Rule:                  0xa178b29d

12:44 >
[download]

Hope that helps,

write something like this (incomplete examples)

for perl 5 and up my $re_asalog = qr{ ^ (.{15}) # $1 timestamp \s (\S+) # $2 firewall \s (\S+) # $3 part firewall access-list \s+ (\S+) # $4 source acl \s+ (\S+) # $5 action ... }xm; [download]

for perl-5.10 and up my $re_asalog = qr{ ^ # start of line (?<time> .{15} ) \s \s (?<firewall> \S+ ) \s (?<part_firewall> \S+ ) \s access-list \s (?<source_acl> \S+ ) \s (?<action> \S+ ) \s (?<protocol> \S+ ) \s (?<source_interface> \S+ ) \s (?<source_ip> \S+ ) \s (?<source_port> \S+ ) # ... $ # end of line }mx; [download]

running example using named capture buffers instead of numbered ones , See perlvar#% , perlre#(?<NAME>pattern) , and #(DEFINE)