Could anybody please tell me what's up with log4cxx analysis tools?

My goal is to parse a log4cxx log file, for instance by defining the start message of a function and the end message of the function.

Then I need to get timings for the different sub-operations inside it separately.

Is there any way to do this without writing a bunch of code?

If you know how to get Splunk to work with this stuff, please, your information will be very useful.

P.S.

I don't need to parse Apache files, and I don't need to connect over Ethernet to get the logs. I just need to parse a local log4cxx file on my hard drive.

Thank you very much for your time.

The log looks like this:

DEBUG 2012-06-01 16:52:02,879 [0x00001d50] xxx_xx_xxxxxxxxxxxx.XXxXxxxx:489 CURRENT_STATE - Query executed.
DEBUG 2012-06-01 16:52:02,879 [0x00001d50] xxx_xx_xxxxxxxxxxxx.XXxXxxxx:633 CURRENT_STATE - Start
TRACE 2012-06-01 16:52:02,879 [0x00001d50] xxx_xx_xxxxxxxxxxxx.XXxXxxxx:138 CURRENT_STATE - next #0 XXXXXX double value: 1
TRACE 2012-06-01 16:52:02,879 [0x00001d50] xxx_xx_xxxxxxxxxxxx.XXxXxxxx:138 CURRENT_STATE - next #1 XXXXXX double value: 1
TRACE 2012-06-01 16:52:02,879 [0x00001d50] xxx_xx_xxxxxxxxxxxx.XXxXxxxx:138 CURRENT_STATE - next #2 XXXXXX double value: 1
Alexander.Iljushkin

1 Answer

Splunk already recognizes log4j formatted log files - is the log4cxx output format different? Try using sourcetype=log4j and see what happens...

If it doesn't work, can you post a sample of the log file so that I can see how it differs?

Thx

lguinn
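For the log layout shown in the question, a local file can also be timed with a short script. This is an added example, not part of the original thread: the regular expression is inferred from the five sample lines, and the "End" marker, the `app.Worker` logger name and the timestamps in `SAMPLE` are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Layout inferred from the sample lines in the question:
# LEVEL date time,ms [thread] logger:line CONTEXT - message
LINE_RE = re.compile(
    r"^(?P<level>[A-Z]+)\s+(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3}) "
    r"\[(?P<thread>0x[0-9a-fA-F]+)\] (?P<logger>\S+):(?P<line>\d+) "
    r"(?P<ctx>\S+) - (?P<msg>.*)$"
)
MS = timedelta(milliseconds=1)

def parse_line(text):
    """Return a dict for one log line, or None if the line does not match."""
    m = LINE_RE.match(text.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%d %H:%M:%S,%f")
    return rec

def time_spans(lines, start_msg, end_msg):
    """Pair start/end markers per thread id and time each step in between."""
    open_spans, done = {}, []
    for text in lines:
        rec = parse_line(text)
        if rec is None:
            continue  # e.g. wrapped multi-line messages
        tid = rec["thread"]
        if rec["msg"] == start_msg:
            open_spans[tid] = {"thread": tid, "start": rec["ts"],
                               "last": rec["ts"], "steps": []}
        elif tid in open_spans:
            span = open_spans[tid]
            # Step time = gap since the previous line on the same thread.
            span["steps"].append((rec["msg"], (rec["ts"] - span["last"]) // MS))
            span["last"] = rec["ts"]
            if rec["msg"] == end_msg:
                span["total_ms"] = (rec["ts"] - span["start"]) // MS
                done.append(open_spans.pop(tid))
    return done, sorted(open_spans)  # finished spans, threads never closed

# Constructed sample: same layout as the question, invented names and times.
SAMPLE = """\
DEBUG 2012-06-01 16:52:02,879 [0x00001d50] app.Worker:633 CURRENT_STATE - Start
TRACE 2012-06-01 16:52:02,901 [0x00001d50] app.Worker:138 CURRENT_STATE - next #0 double value: 1
DEBUG 2012-06-01 16:52:02,910 [0x00002a10] app.Worker:633 CURRENT_STATE - Start
TRACE 2012-06-01 16:52:03,004 [0x00001d50] app.Worker:138 CURRENT_STATE - next #1 double value: 1
DEBUG 2012-06-01 16:52:03,129 [0x00001d50] app.Worker:640 CURRENT_STATE - End
""".splitlines()
```

`time_spans(SAMPLE, "Start", "End")` returns the finished spans with per-step and total milliseconds, plus the thread ids whose start marker never saw an end marker. For a real file, pass the open file object in place of `SAMPLE`.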