Fatal编程技术网
  • parsing/
  • Parsing 如何使用Java中的Grok解析。。有什么例子吗。?

Parsing 如何使用Java中的Grok解析。。有什么例子吗。?

parsing

Parsing 如何使用Java中的Grok解析。。有什么例子吗。?,parsing,logstash-grok,Parsing,Logstash Grok,我见过Grok在解析日志数据时非常强大和致命。我想在java应用程序中使用Grok进行日志解析。。如何从Java连接/使用Grok 尝试从GitHub下载java grok: 您可以使用Grok调试器测试模式:查看此Java库 您可以将其作为maven依赖项包含在项目中 <dependency> <groupId>org.aicer.grok</groupId> <artifactId>grok</artifactId>

我见过Grok在解析日志数据时非常强大和致命。我想在java应用程序中使用Grok进行日志解析。。如何从Java连接/使用Grok

尝试从GitHub下载java grok:
您可以使用Grok调试器测试模式:

查看此Java库

您可以将其作为maven依赖项包含在项目中

<dependency>
    <groupId>org.aicer.grok</groupId>
    <artifactId>grok</artifactId>
    <version>0.9.0</version>
</dependency>
下面的示例不使用文件直接将字符串模式添加到字典中

final GrokDictionary dictionary = new GrokDictionary();

// Load the built-in dictionaries
dictionary.addBuiltInDictionaries();

// Add custom pattern directly

dictionary.addDictionary(new StringReader("DOMAINTLD [a-zA-Z]+"));
dictionary.addDictionary(new StringReader("EMAIL %{NOTSPACE}@%{WORD}\.%{DOMAINTLD}"));

// Resolve all expressions loaded
dictionary.bind();
下面是一个如何使用该库的完整示例

    public final class GrokStage {

  private static final void displayResults(final Map<String, String> results) {
    if (results != null) {
      for(Map.Entry<String, String> entry : results.entrySet()) {
        System.out.println(entry.getKey() + "=" + entry.getValue());
      }
    }
  }

  public static void main(String[] args) {

    final String rawDataLine1 = "1234567 - israel.ekpo@massivelogdata.net cc55ZZ35 1789 Hello Grok";
    final String rawDataLine2 = "98AA541 - israel-ekpo@israelekpo.com mmddgg22 8800 Hello Grok";
    final String rawDataLine3 = "55BB778 - ekpo.israel@example.net secret123 4439 Valid Data Stream";

    final String expression = "%{EMAIL:username} %{USERNAME:password} %{INT:yearOfBirth}";

    final GrokDictionary dictionary = new GrokDictionary();

    // Load the built-in dictionaries
    dictionary.addBuiltInDictionaries();

    // Resolve all expressions loaded
    dictionary.bind();

    // Take a look at how many expressions have been loaded
    System.out.println("Dictionary Size: " + dictionary.getDictionarySize());

    Grok compiledPattern = dictionary.compileExpression(expression);

    displayResults(compiledPattern.extractNamedGroups(rawDataLine1));
    displayResults(compiledPattern.extractNamedGroups(rawDataLine2));
    displayResults(compiledPattern.extractNamedGroups(rawDataLine3));
  }
}

public final class GrokStage{
私有静态最终无效显示结果(最终地图结果){
如果(结果!=null){
for(Map.Entry:results.entrySet()){
System.out.println(entry.getKey()+“=”+entry.getValue());
}
}
}
公共静态void main(字符串[]args){
最后一个字符串rawDataLine1=“1234567-以色列。ekpo@massivelogdata.netcc55ZZ35 1789“你好,格罗克”;
最终字符串rawDataLine2=“98AA541-以色列-ekpo@israelekpo.commmddgg22 8800“你好,格罗克”;
最终字符串rawDataLine3=“55BB778-ekpo。israel@example.netsecret123 4439有效数据流”;
最后一个字符串表达式=“%{EMAIL:username}%{username:password}%{INT:yearOfBirth}”;
最终GrokDictionary字典=新GrokDictionary();
//加载内置字典
dictionary.addBuiltIndications();
//解析加载的所有表达式
bind();
//看看有多少表达式已加载
System.out.println(“字典大小:+Dictionary.getDictionarySize());
Grok compiledPattern=dictionary.compileExpression(表达式);
显示结果(compiledPattern.ExtractNamedGroup(rawDataLine1));
显示结果(compiledPattern.ExtractNamedGroup(rawDataLine2));
显示结果(compiledPattern.ExtractNamedGroup(rawDataLine3));
}
}

    public final class GrokStage {

  private static final void displayResults(final Map<String, String> results) {
    if (results != null) {
      for(Map.Entry<String, String> entry : results.entrySet()) {
        System.out.println(entry.getKey() + "=" + entry.getValue());
      }
    }
  }

  public static void main(String[] args) {

    final String rawDataLine1 = "1234567 - israel.ekpo@massivelogdata.net cc55ZZ35 1789 Hello Grok";
    final String rawDataLine2 = "98AA541 - israel-ekpo@israelekpo.com mmddgg22 8800 Hello Grok";
    final String rawDataLine3 = "55BB778 - ekpo.israel@example.net secret123 4439 Valid Data Stream";

    final String expression = "%{EMAIL:username} %{USERNAME:password} %{INT:yearOfBirth}";

    final GrokDictionary dictionary = new GrokDictionary();

    // Load the built-in dictionaries
    dictionary.addBuiltInDictionaries();

    // Resolve all expressions loaded
    dictionary.bind();

    // Take a look at how many expressions have been loaded
    System.out.println("Dictionary Size: " + dictionary.getDictionarySize());

    Grok compiledPattern = dictionary.compileExpression(expression);

    displayResults(compiledPattern.extractNamedGroups(rawDataLine1));
    displayResults(compiledPattern.extractNamedGroups(rawDataLine2));
    displayResults(compiledPattern.extractNamedGroups(rawDataLine3));
  }
}