fred/logparser
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update with bob example

Browse Source
This commit is contained in:
Pellin, Frederic (DI QM QS) - AF
2017-10-13 10:27:10 +02:00
parent 03b6b322d2
commit 6f15e47ff3
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Readme.md
View File

@@ -34,6 +34,7 @@ BASE16FLOAT \b(?<![0-9A-Fa-f.])(?:[+-]?(?:0x)?(?:(?:[0-9A-Fa-f]+(?:\.[0-9A-Fa-f]
LOGLEVEL ([A|a]lert|ALERT|[T|t]race|TRACE|[D|d]ebug|DEBUG|[N|n]otice|NOTICE|[I|i]nfo|INFO|[W|w]arn?(?:ing)?|WARN?(?:ING)?|[E|e]rr?(?:or)?|ERR?(?:OR)?|[C|c]rit?(?:ical)?|CRIT?(?:ICAL)?|[F|f]atal|FATAL|[S|s]evere|SEVERE|EMERG(?:ENCY)?|[Ee]merg(?:ency)?) LOGLEVEL ([A|a]lert|ALERT|[T|t]race|TRACE|[D|d]ebug|DEBUG|[N|n]otice|NOTICE|[I|i]nfo|INFO|[W|w]arn?(?:ing)?|WARN?(?:ING)?|[E|e]rr?(?:or)?|ERR?(?:OR)?|[C|c]rit?(?:ical)?|CRIT?(?:ICAL)?|[F|f]atal|FATAL|[S|s]evere|SEVERE|EMERG(?:ENCY)?|[Ee]merg(?:ency)?)
LOGLEVELERROR [E|e]rr?(?:or)?|ERR?(?:OR)? LOGLEVELERROR [E|e]rr?(?:or)?|ERR?(?:OR)?
COSMOS .* %{LOGLEVELERROR:type} %{GREEDYDATA:message} COSMOS .* %{LOGLEVELERROR:type} %{GREEDYDATA:message}
BOB_MSG ^%{WORD:event},\d+,\S+,%{NUMBER:mqtime_value},%{NUMBER:integration_value},%{NUMBER:transformation_value},ID.*
``` ```
The first part indicate the name of the pattern et the second the pattern ( *mostly regex format* ). The first part indicate the name of the pattern et the second the pattern ( *mostly regex format* ).
Each pattern could be rename with the syntax indicate in the last line of the example ( *i.e : %{GREEDYDATA:message}* ). Each pattern could be rename with the syntax indicate in the last line of the example ( *i.e : %{GREEDYDATA:message}* ).
@@ -50,6 +51,7 @@ Example :
``` ```
#Application LogFilePath FileName GrokName #Application LogFilePath FileName GrokName
repind /app/qal/REPIND/MAIN/tomcat7/s*/logs/appli/ .log REPIND repind /app/qal/REPIND/MAIN/tomcat7/s*/logs/appli/ .log REPIND
bob_mess /app/qal/BOBCORE/*/tomcat7/s1/logs/appli bobmess.*.log BOB_MSG
``` ```
Each parameter is separate by a tabulation. Each parameter is separate by a tabulation.
Application = name of the application send as a tag to influxdb. Application = name of the application send as a tag to influxdb.
@@ -59,4 +61,4 @@ GrokName = Name of the grok patternto apply on the file.
## Influxdb ## Influxdb
All extracted metrics are sended to the "qualif" database on the "one_week" retention each second. ( For now it's not parametable ) All extracted metrics are sended to the "qualif" database on the "one_week" retention each second. ( For now it's not parametable )