Parsing log file using Java Grok API not working, but working in the Grok online debugger

Hello, I'm having a problem parsing a log file using code downloaded from GitHub and the grok API (I'm not using Logstash). When I test with the Grok debugger https://grokdebug.herokuapp.com/ it works fine, but in my code it doesn't.

Here is the log line from the file I want to parse:
DEBUG 2015-06-17 14:44:57,475 (com.test.logging.exceptionmanager.ExceptionTreeModel:findNodeByIdRecursively:651) - Could not find node with Id: 1913
Here is my code:

    import java.io.BufferedReader;
    import java.io.BufferedWriter;
    import java.io.FileInputStream;
    import java.io.FileWriter;
    import java.io.InputStreamReader;

    // java-grok 0.1.x package names (assumed; the page does not show the imports)
    import oi.thekraken.grok.api.Grok;
    import oi.thekraken.grok.api.Match;
    import oi.thekraken.grok.api.exception.GrokException;

    public class LogParse {
        public static void main(String[] args) throws GrokException {
            // Get an instance of grok
            Grok grok = new Grok();
            // Add patterns to grok (every definition here is \w+)
            grok.addPattern("LOGLEVEL", "\\w+");
            grok.addPattern("YEAR", "\\w+");
            grok.addPattern("MONTHNUM", "\\w+");
            grok.addPattern("MONTHDAY", "\\w+");
            grok.addPattern("HOUR", "\\w+");
            grok.addPattern("MINUTE", "\\w+");
            grok.addPattern("SECOND", "\\w+");
            grok.addPattern("GREEDYDATA", "\\w+");
            grok.compile("%{LOGLEVEL:loglevel} %{YEAR:year}-%{MONTHNUM:month}-%{MONTHDAY:day} %{HOUR:hour}:%{MINUTE:minute}:%{SECOND:second} %{GREEDYDATA:data}");
            try {
                FileInputStream fstream = new FileInputStream("C://file.log");
                BufferedReader br = new BufferedReader(new InputStreamReader(fstream));
                String log;
                // Output file
                BufferedWriter output = new BufferedWriter(new FileWriter("out.json"));
                /* Read the log line by line */
                while ((log = br.readLine()) != null) {
                    System.out.println(log);
                    Match gm = grok.match(log);
                    gm.captures();
                    // Write the captured fields as JSON
                    System.out.println(gm.toJson());
                    output.write(gm.toJson());
                    output.newLine();
                }
                output.close();
                fstream.close();
            } catch (Exception e) {
                System.err.println("Error: " + e.getMessage());
            }
        }
    }

Thanks for your help.
Working code:

    import java.io.BufferedReader;
    import java.io.BufferedWriter;
    import java.io.FileInputStream;
    import java.io.FileWriter;
    import java.io.IOException;
    import java.io.InputStreamReader;

    // java-grok 0.1.x package names (assumed; the page does not show the imports)
    import oi.thekraken.grok.api.Grok;
    import oi.thekraken.grok.api.Match;
    import oi.thekraken.grok.api.exception.GrokException;

    public class LogParse {
        public static void main(String[] args) throws GrokException, IOException {
            // Get an instance of grok
            Grok grok = new Grok();
            // Add patterns to grok
            grok.addPattern("LOGLEVEL", "\\w+");
            grok.addPattern("YEAR", "\\w+");
            grok.addPattern("MONTHNUM", "((?:0?[1-9]|1[0-2]))");
            grok.addPattern("MONTHDAY", "(?:[+-]?(?:[0-9]+))");
            grok.addPattern("HOUR", "(?:[+-]?(?:[0-9]+))");
            grok.addPattern("MINUTE", "(?:[+-]?(?:[0-9]+))");
            // SECOND accepts a fractional part such as ",475"
            grok.addPattern("SECOND", "(?:(?:[0-5][0-9]|60)(?:[:.,][0-9]+)?)");
            grok.addPattern("GREEDYDATA", ".*");
            // Each compile() call replaces the previously compiled pattern,
            // so only the second pattern below is used for matching.
            grok.compile("%{LOGLEVEL:loglevel} %{YEAR:year}-%{MONTHNUM:month}-%{MONTHDAY:day} %{HOUR:hour}:%{MINUTE:minute}:%{SECOND:second} (%{GREEDYDATA:data}) - %{GREEDYDATA:message} %{GREEDYDATA:Erreur}");
            grok.compile("%{LOGLEVEL:loglevel} %{YEAR:year}-%{MONTHNUM:month}-%{MONTHDAY:day} %{HOUR:hour}:%{MINUTE:minute}:%{SECOND:second} (%{GREEDYDATA:data}) - %{GREEDYDATA:message}");
            try {
                FileInputStream fstream = new FileInputStream("C://file.log");
                BufferedReader br = new BufferedReader(new InputStreamReader(fstream));
                String log;
                // Output file
                BufferedWriter output = new BufferedWriter(new FileWriter("out.json"));
                /* Read the log line by line */
                while ((log = br.readLine()) != null) {
                    System.out.println(log);
                    Match gm = grok.match(log);
                    gm.captures();
                    // Write the captured fields as JSON
                    System.out.println(gm.toJson());
                    output.write(gm.toJson());
                    output.newLine();
                }
                output.close();
                fstream.close();
            } catch (Exception e) {
                System.err.println("Error: " + e.getMessage());
            }
        }
    }
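
As an added example (not part of the original post and not java-grok's own code), the program below mimics grok's `%{NAME:field}` substitution with `java.util.regex` alone to show which definitions kept the question's pattern from matching. `GrokExpandDemo` and `expand` are hypothetical names, and an unanchored `find()` is assumed as the matching mode.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added example: mimics grok's %{NAME:field} substitution with java.util.regex only.
public class GrokExpandDemo {
    private static final Pattern TOKEN = Pattern.compile("%\\{(\\w+):(\\w+)\\}");

    // Replace each %{NAME:field} with the named group (?<field>definition).
    static Pattern expand(String grokPattern, Map<String, String> defs) {
        Matcher m = TOKEN.matcher(grokPattern);
        StringBuffer sb = new StringBuffer();
        while (m.find()) {
            String group = "(?<" + m.group(2) + ">" + defs.get(m.group(1)) + ")";
            m.appendReplacement(sb, Matcher.quoteReplacement(group));
        }
        m.appendTail(sb);
        return Pattern.compile(sb.toString());
    }

    public static void main(String[] args) {
        // Log line and pattern strings copied from the page.
        String line = "DEBUG 2015-06-17 14:44:57,475 (com.test.logging.exceptionmanager."
                + "ExceptionTreeModel:findNodeByIdRecursively:651) - Could not find node with Id: 1913";
        String prefix = "%{LOGLEVEL:loglevel} %{YEAR:year}-%{MONTHNUM:month}-%{MONTHDAY:day} "
                + "%{HOUR:hour}:%{MINUTE:minute}:%{SECOND:second} ";

        // Question: every definition is \w+, which cannot consume ',' or '('.
        Map<String, String> asked = new HashMap<>();
        for (String n : "LOGLEVEL YEAR MONTHNUM MONTHDAY HOUR MINUTE SECOND GREEDYDATA".split(" ")) {
            asked.put(n, "\\w+");
        }
        // Only the two definitions that block the match are swapped for the answer's versions.
        Map<String, String> fixed = new HashMap<>(asked);
        fixed.put("SECOND", "(?:(?:[0-5][0-9]|60)(?:[:.,][0-9]+)?)");
        fixed.put("GREEDYDATA", ".*");

        Matcher bad = expand(prefix + "%{GREEDYDATA:data}", asked).matcher(line);
        System.out.println("question patterns match: " + bad.find());

        // The unescaped ( ) are regex groups, so the literal parentheses land inside "data".
        Matcher ok = expand(prefix + "(%{GREEDYDATA:data}) - %{GREEDYDATA:message}", fixed).matcher(line);
        if (ok.find()) {
            for (String f : new String[] {"loglevel", "second", "data", "message"}) {
                System.out.println(f + " = " + ok.group(f));
            }
        }
    }
}
```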