Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/logging/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
<img src="//i.stack.imgur.com/RUiNP.png" height="16" width="18" alt="" class="sponsor tag img">elasticsearch 如何在弹性堆栈中索引正则表达式?_<img Src="//i.stack.imgur.com/RUiNP.png" Height="16" Width="18" Alt="" Class="sponsor Tag Img">elasticsearch_Elastic Stack - Fatal编程技术网 elasticsearch 如何在弹性堆栈中索引正则表达式?,elasticsearch,elastic-stack,elasticsearch,Elastic Stack" /> elasticsearch 如何在弹性堆栈中索引正则表达式?,elasticsearch,elastic-stack,elasticsearch,Elastic Stack" />
Fatal编程技术网
  • elasticsearch/
  • elasticsearch 如何在弹性堆栈中索引正则表达式?

elasticsearch 如何在弹性堆栈中索引正则表达式?

elasticsearch 如何在弹性堆栈中索引正则表达式?,elasticsearch,elastic-stack,elasticsearch,Elastic Stack,使用ELK/Elastic Stack进行日志管理,我希望基于以下日志行构建报告: 2018-01-31 11:50:00.212 Loading the user images took 234 ms 2018-01-31 10:23:01.984 Loading the user images took 331 ms 2018-01-31 10:12:41.323 Loading the user images took 512 ms 因此,报告将使用加载用户图像的字符串行 然后正则

使用ELK/Elastic Stack进行日志管理,我希望基于以下日志行构建报告:

2018-01-31 11:50:00.212 Loading the user images took 234 ms 
2018-01-31 10:23:01.984 Loading the user images took 331 ms 
2018-01-31 10:12:41.323 Loading the user images took 512 ms
因此,报告将使用加载用户图像的字符串行

然后正则表达式将提取/take\d+ms/中的数字,并构建图表或通知

我该怎么做?也许这涉及到如何定义索引?

我会使用logstash grok过滤器

使用此网站以用户友好的方式测试grok模式:

我制作了一个模式,将ms提取到一个timetake字段:

%{GREEDYDATA}took %{NUMBER:timeTaken}
如果需要更多数据,请使用联机页面进行测试并搜索grok模式。可视化是在基巴纳完成的