Warning: file_get_contents(/data/phpspider/zhask/data//catemap/4/regex/19.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Regex 如何在NXLog中使用正则表达式对多行XML进行模式化_Regex_Xml_<img Src="//i.stack.imgur.com/RUiNP.png" Height="16" Width="18" Alt="" Class="sponsor Tag Img">elasticsearch_Multiline_Nxlog - Fatal编程技术网 elasticsearch,multiline,nxlog,Regex,Xml,elasticsearch,Multiline,Nxlog" /> elasticsearch,multiline,nxlog,Regex,Xml,elasticsearch,Multiline,Nxlog" />
Fatal编程技术网
  • regex/
  • Regex 如何在NXLog中使用正则表达式对多行XML进行模式化

Regex 如何在NXLog中使用正则表达式对多行XML进行模式化

regex xml

Regex 如何在NXLog中使用正则表达式对多行XML进行模式化,regex,xml,elasticsearch,multiline,nxlog,Regex,Xml,elasticsearch,Multiline,Nxlog,我正在尝试使用nxLog解析器to_JSON()将自定义日志文件解析为JSON,这样我就可以将它们发送到我的ElasticSearch实例中。我将把它们分成三个独立的字段,日期、日志类型指示符和消息 以下是这些日志的格式 9/10/2015 11:30:05 AM [0-1-1-Pos.xaml.cs-1607] Post button clicked 9/10/2015 11:30:17 AM [0-3-1-SecondaryPortStatus.cs-47] <TRANSACTION

我正在尝试使用nxLog解析器to_JSON()将自定义日志文件解析为JSON,这样我就可以将它们发送到我的ElasticSearch实例中。我将把它们分成三个独立的字段,日期、日志类型指示符和消息

以下是这些日志的格式

9/10/2015 11:30:05 AM [0-1-1-Pos.xaml.cs-1607] Post button clicked

9/10/2015 11:30:17 AM [0-3-1-SecondaryPortStatus.cs-47] <TRANSACTION>
  <FUNCTION_TYPE>SECONDARYPORT</FUNCTION_TYPE>
  <COMMAND>STATUS</COMMAND>
  <MAC_LABEL>XX</MAC_LABEL>
  <MAC>xOel7QeyKoXaddiyrEeWKRI1DlF9sHzUNfZHFI/gAko=</MAC>
 <COUNTER>XXX</COUNTER>
</TRANSACTION>

9/10/2015 11:30:17 AM [0-3-1-SecondaryPortStatus.cs-57] <RESPONSE>
  <RESPONSE_TEXT>Operation SUCCESSFUL</RESPONSE_TEXT>
  <RESULT>OK</RESULT>
  <RESULT_CODE>-1</RESULT_CODE>
  <TERMINATION_STATUS>SUCCESS</TERMINATION_STATUS>
  <COUNTER>221</COUNTER>
  <SECONDARY_DATA>12</SECONDARY_DATA>
  <MACLABEL_IN_SESSION>P_061</MACLABEL_IN_SESSION>
  <SESSION_DURATION>00:00:16</SESSION_DURATION>
  <INVOICE_SESSION>XX</INVOICE_SESSION>
  <SERIAL_NUMBER>XX</SERIAL_NUMBER>
</RESPONSE>`
  • 日期
  • 日志类型标识符
  • 这将是我试图弄明白的信息
    但我不知道如何在选择器和新线之间切换。所以在这个例子中,我希望我的消息在换行之前都是XML代码。有人对我如何检索数据有什么建议吗

    尝试使用多行正则表达式执行此操作:

    $ perl -0777 -ne 'print $& if !<RESPONSE>.*</RESPONSE>!s' file
    在脚本中:
    您应该能够使用nxlog的xm_多行模块,并在HeaderLine指令中指定regexp。 如果将捕获规则添加到regexp以匹配XML部分(在[…]之后的内容),那么应该能够使用xm_XML的parse_XML()解析XML

    还有一个类似的例子。

    使用触发器运算符:或 
    $ perl -0777 -ne 'print $& if !<RESPONSE>.*</RESPONSE>!s' file

    <RESPONSE>
  <RESPONSE_TEXT>Operation SUCCESSFUL</RESPONSE_TEXT>
  <RESULT>OK</RESULT>
  <RESULT_CODE>-1</RESULT_CODE>
  <TERMINATION_STATUS>SUCCESS</TERMINATION_STATUS>
  <COUNTER>221</COUNTER>
  <SECONDARY_DATA>12</SECONDARY_DATA>
  <MACLABEL_IN_SESSION>P_061</MACLABEL_IN_SESSION>
  <SESSION_DURATION>00:00:16</SESSION_DURATION>
  <INVOICE_SESSION>XX</INVOICE_SESSION>
  <SERIAL_NUMBER>XX</SERIAL_NUMBER>
</RESPONSE>

    BEGIN { $/ = undef; $\ = undef; } # input/output separator as undef
while (defined($_ = <ARGV>)) {
    print $& if m[<RESPONSE>.*</RESPONSE>]s;
}

     s   Treat string as single line. That is, change "." to match any
     character whatsoever, even a newline, which normally it would not
     match.