Questions tagged [grok]

Grok is a web framework that runs atop the Zope application server and is written in Python. It aims to make Zope technology more accessible to the masses and to speed up the development process. Following the convention-over-configuration paradigm, Grok uses Zope Toolkit libraries and provides building blocks for your application along with a way to tie them all together.

Visit grok to learn more.

486 questions
1 vote, 5 answers

Grok Learning: How to write a Python program to read in a list of integer costs, and print out the total sum of all of the costs

New to Python, doing Introduction to Programming with Python with Grok Learning. I have this problem where I need to take input, convert to a list, convert to integers and then collect the sum of the integers. Here's what I have so far: expenses =…
user8509045
1 vote, 1 answer

custom log grok pattern

I am trying to parse a custom log line using grok pattern but I'm not able to completely parse the line. Custom log line: site 'TRT' : alias 'TRT,FAK,FAS,ATI,ONE,DVZ,TWO' : serveur 'Test10011' RAS : TRT / TRT serveur 'Test10011' OK Grok pattern:…
1 vote, 1 answer

How do I split a filename using Logstash Grok?

One of these days I'll learn regex. I have the following filename PE-run1000hbgmm3f1-job1000hbgmm3dt-Output-Workflow-1000hbgmm3fb-22.07.17.log I'm able to get this to work…
Chris F
1 vote, 1 answer

parsing white spaces in grok

I'm having some issue with white spaces in grok... I have strings that look like this: 1491783364087 group-segmentation-service-master asdf-replica-sync-dev 5 55 55 0 …
lightweight
1 vote, 2 answers

Logstash Grok Parse Error - fail2ban log

I am trying to parse a fail2ban log file using the config file and pattern below (via an online tutorial). However I am getting a grok parse error, any ideas how to fix this? log file format: 2017-02-13 18:49:52,567 fail2ban.actions [1365]:…
Ifechi
1 vote, 1 answer

How to remove part of the string before specific word using grok or gsub in logstash?

I have a string field "origin_message". It is a pretty big one (used multiline to get mail content). Example of "origin_message": Delivered-to: somemail@domain.com A LOT OF OTHER CONTENT Subject: Subject goes here AND THE REST OF THE MESSAGE Desired…
AlexHalkin
1 vote, 1 answer

Logstash filter by nested field

I make a REST request that sends back the following format: { "data": [ { "loggerName": "org.mule.processor.SedaStageLifecycleManager", "threadName": "qtp1351031503-37", "timestamp": 1482827683939, "message":…
html_programmer
1 vote, 1 answer

Grok pattern for extracting complicated line structure?

I have single line like sgcib.solstis.core.dao.referential.InsertionMonitoringDao:10:37:36.860 [SOLSTAIRJVM1: customService :false-persistor-3-] INFO Begin updating insertion_monitoring table: analysisProcessId=1000000648897,…
Nagappa L M
1 vote, 1 answer

Logstash Grok get number field

I use Grok filter in Logstash to break one long message into several fields. The example Message: http://localhost:8080/MRLService/api/v1/reportNotes 11-24-2016 10:59:49 8ms country=AUS pesticide=ABA3000 filter: filter { grok {match =>…
Sean Sun
1 vote, 1 answer

Logstash grok filter for collectd metrics data

I'm processing some metrics data and store them into Elasticsearch. Now I want to get those data from Elasticsearch and apply a filter on them, the goal is to have more relevant fields after the logstash filtering. For this purpose, I planned to use…
Maximilien Belinga
1 vote, 1 answer

(Logstash, Grok) if field contains a specific word, then save some characters from it

I have following filter which achieves most of my needs: filter { grok { match => { "message" => [ "%{IPORHOST:clientip} - %{NGUSER:user} \[%{HTTPDATE:timestamp}\] (?:%{WORD:verb} %{NOTSPACE:request}(?:…
Edgar
1 vote, 1 answer

Graylog cannot look a field as numeric

I use Graylog 2.10.0 to collect the logs. I set a Grok pattern to parse my log, and one field is %{NUMBER:consume_time;int}ms, and it works well, I capture consume_time correctly, but when I try to use "statistics" function, it only shows "Total" and…
mikeshi
1 vote, 1 answer

grok parser (unexpected null in %{IPORHOST:syslog_server}) HAproxy

Following log: Jul 25 07:45:12 tst-proxy202 haproxy[1104]: 10.64.111.222:36635 [25/Jul/2016:07:45:12.479] promocloud~ promocloud/tst-service-proxy203 32/0/1/27/60 200 664 - - ---- 0/0/0/0/0 0/0 {} {} "POST /RTI HTTP/1.1" Is parsed with…
sirkubax
1 vote, 1 answer

Logstash pattern matching more than it should

I have a log line (multiline match) that looks like the following: 3574874 14/Jul/2016 20:42:37 +0000 ERROR [http-bio-0.0.0.0-8443-exec-128] error_jsp _jspService > could not lock:…
A_Elric
1 vote, 1 answer

Grok pattern to match email address

I have the following Grok patterns defined in a pattern file HOSTNAME \b(?:[0-9A-Za-z][0-9A-Za-z-]{0,62})(?:\.(?:[0-9A-Za-z][0-9A-Za-z-]{0,62}))*(\.?|\b) EMAILLOCALPART [a-zA-Z][a-zA-Z0-9_.+-=:]+ EMAILADDRESS %{EMAILLOCALPART}@%{HOSTNAME} For some…
A_Elric