some questions about the use of parse_grok #20355
Unanswered
yanming-zhang
asked this question in
Q&A
Replies: 2 comments
-
please help me look at this issue |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
A note for the community
I use vector consume from kafka, then parse log format by parse_grok, but it can not work
such as my example log, regex pattern infomation:
example log
[2024-04-22 14:43:43.385] [ INFO] [hs-msc-proxy,TID:ace6121994f8449ebc7965a8f2815ff4.121.17137682228980013,,] [1] [ XNIO-1 task-12] [c.r.m.p.channel.service.HsYCardService.batchYiDCardQuery(90)] : [batchYiDCardQuery]获取签名Sign:kGA0xSObIDNvlMElsopm1KJ43JSfiDCGFVj3ctz5yIkIHWT6GdIX3cx1q/fBS2jSdCe02eEOScTjRM5CSIVCAT3gdE5J8Nm76ANQPaQefUd9A+XB3UBoN3AboZCaI4V/X0ljjuVB14K1JfCh6QV7gWmwPe+/mvSlCSbF/WCsMeM=
regex pattern
^[%{TIMESTAMP_ISO8601:logtime}]\s*[\s*%{LOGLEVEL:loglevel}]\s*[%{USERNAME:appname},(?[a-zA-Z0-9.:/]+)?,(?[a-zA-Z0-9.:]+)?,(?\w+)?]\s*[%{INT:pid}]\s*[\s*(?[a-zA-Z0-9_. -]+)]\s*%{NOTSPACE:logger}\s*:(?.*)
above regex pattern refer logstash
Beta Was this translation helpful? Give feedback.
All reactions