author | Fabian Becker <halfdan@xnorfz.de> | 2014-09-07 20:00:28 +0400 |
---|---|---|
committer | Fabian Becker <halfdan@xnorfz.de> | 2014-09-07 20:00:28 +0400 |
commit | a921bb334f1e7c6bc1d4d12628f9ad1a89dbd6a2 (patch) | |
tree | 1b65993bf9a7537b811d8491dd0a1e6f3669f2a9 /misc | |
parent | 80c67d23aabbb327d8e114f5417ac9e8ef23605a (diff) | |
parent | 7997d9b013816a39d0f3be661b596bacf6aa7bae (diff) |
Merge pull request #6131 from ahattouti-canaltp/patch-2
Update README.md
Diffstat (limited to 'misc')
-rw-r--r-- | misc/log-analytics/README.md | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/misc/log-analytics/README.md b/misc/log-analytics/README.md index 7842da798a..6c4aadf675 100644 --- a/misc/log-analytics/README.md +++ b/misc/log-analytics/README.md @@ -249,5 +249,19 @@ exec python /path/to/misc/log-analytics/import_logs.py \ --log-format-name=nginx_json - ``` +# regex example for syslog format (centralized logs) + +## log format exemple + +``` +Aug 31 23:59:59 tt-srv-name www.tt.com: 1.1.1.1 - - [31/Aug/2014:23:59:59 +0200] "GET /index.php HTTP/1.0" 200 3838 "http://www.tt.com/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0" 365020 www.tt.com +``` + +## Corresponding regex + +``` +--log-format-regex='.* ((?P<ip>\S+) \S+ \S+ \[(?P<date>.*?) (?P<timezone>.*?)\] "\S+ (?P<path>.*?) \S+" (?P<status>\S+) (?P<length>\S+) "(?P<referrer>.*?)" "(?P<user_agent>.*?)").*' +``` + And that's all ! |
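Review bot: The leading `.* ` in the `--log-format-regex` example is greedy and unanchored, so the engine picks the last position in the line where the rest of the pattern fits rather than the end of the syslog prefix. The referrer and user agent are request-supplied and appear later in the line, so text inside them can shift where `ip`, `path` and `status` are captured. Anchor on the prefix shown in the sample line instead, for example `^\S+ +\S+ \S+ \S+ \S+: ` in place of `.* `, and drop the unnamed outer group, which captures nothing the named groups do not. The sample line also ends with a `365020 www.tt.com` pair that the trailing `.*` silently discards; say in the README that these fields are ignored on purpose. Minor: "exemple" in the `## log format exemple` heading should be "example", and the new `#` heading is a higher level than the `##` headings that follow it in the same section.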