oi.thekraken.grok.api.Grok.match()方法的使用及代码示例

x33g5p2x  于2022-01-20 转载在 其他  
字(6.9k)|赞(0)|评价(0)|浏览(83)

本文整理了Java中oi.thekraken.grok.api.Grok.match()方法的一些代码示例,展示了Grok.match()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Grok.match()方法的具体详情如下:
包路径:oi.thekraken.grok.api.Grok
类名称:Grok
方法名:match

Grok.match介绍

暂无

代码示例

代码示例来源:origin: spotify/heroic

public Map<String, Object> parse(final String input) {
    final Match m = instance.match(input);

    if (m == Match.EMPTY) {
      return ImmutableMap.of();
    }

    m.captures();
    return m.toMap();
  }
}

代码示例来源:origin: apache/metron

Set<String> keys = new TreeSet<>();
for(String str : strs) {
 Match m = grok.match(str);
 m.captures();
 Map<String, Object> ret = m.toMap();

代码示例来源:origin: apache/metron

LOG.debug("Grok parser parsing message: {}", originalMessage);
try {
 Match gm = grok.match(originalMessage);
 gm.captures();
 JSONObject message = new JSONObject();

代码示例来源:origin: apache/metron

originalMessage = new String(rawMessage, "UTF-8");
LOG.debug("Grok parser parsing message: {}",originalMessage);
Match gm = grok.match(originalMessage);
gm.captures();
JSONObject message = new JSONObject();

代码示例来源:origin: apache/metron

Match syslogMatch = syslogGrok.match(logLine);
 syslogMatch.captures();
 if (!syslogMatch.isNull()) {
Match messageMatch = asaGrok.match(messageContent);
messageMatch.captures();
if (!messageMatch.isNull()) {

代码示例来源:origin: apache/metron

@Override
public GrokValidation validateGrokStatement(GrokValidation grokValidation) throws RestException {
  Map<String, Object> results;
  try {
    if (grokValidation.getPatternLabel() == null) {
     throw new RestException("Pattern label is required");
    }
    if (Strings.isEmpty(grokValidation.getStatement())) {
     throw new RestException("Grok statement is required");
    }
    Grok grok = new Grok();
    grok.addPatternFromReader(new InputStreamReader(getClass().getResourceAsStream(
      "/patterns/common")));
    grok.addPatternFromReader(new StringReader(grokValidation.getStatement()));
    String grokPattern = "%{" + grokValidation.getPatternLabel() + "}";
    grok.compile(grokPattern);
    Match gm = grok.match(grokValidation.getSampleData());
    gm.captures();
    results = gm.toMap();
    results.remove(grokValidation.getPatternLabel());
  } catch (Exception e) {
    throw new RestException(e);
  }
  grokValidation.setResults(results);
  return grokValidation;
}

代码示例来源:origin: OpenSOC/opensoc-streaming

private Map<String, Object> getMap(String pattern, String text)
    throws GrokException {
  Grok g = grokMap.get(pattern);
  if (g != null) {
    Match gm = g.match(text);
    gm.captures();
    return gm.toMap();
  } else {
    return new HashMap<String, Object>();
  }
}

代码示例来源:origin: org.graylog2/graylog2-server

@Override
  protected Result[] run(String value) {

    // the extractor instance is rebuilt every second anyway
    final Match match = grok.match(value);
    match.captures();
    final Map<String, Object> matches = match.toMap();
    final List<Result> results = Lists.newArrayListWithCapacity(matches.size());

    for (final Map.Entry<String, Object> entry : matches.entrySet()) {
      // never add null values to the results, those don't make sense for us
      if (entry.getValue() != null) {
        results.add(new Result(entry.getValue(), entry.getKey(), -1, -1));
      }
    }

    return results.toArray(new Result[results.size()]);
  }
}

代码示例来源:origin: com.tomitribe.tribestream/tribestream-container

public Map<String, Object> grokIt(final String message) {
  try {
    final Match gm = grok.match(message);
    gm.captures();
    return gm.toMap();
  } catch (final Throwable t) {
    // the message will still be in elastic search so no need to throw any error or severe log
    LOGGER.fine(ContainerCodes.CANT_GROK_MESSAGE, "Can't grok the message {0}. Error is {1}.", new Object[]{message, t.getMessage()});
    return new HashMap<>();
  }
}

代码示例来源:origin: stackoverflow.com

Grok grok = Grok.create("pat.txt");
// compile and add semantic
grok.compile("%{NUMBER:hits} %{USER:word}");

String str = "234 wdfd\n";
Match m = grok.match(str);
m.captures();

// Print
System.out.println(m.toJson());

// Here you dont need to create a new instance of grok [grok = Grok.EMPTY;]
str = "ssdfsdf\n";
// here you can reuse the matcher if you want.
Match m2 = grok.match(str);
m2.captures();

System.out.println(m2.toJson());

代码示例来源:origin: OpenSOC/opensoc-streaming

@Override
public JSONObject parse(byte[] raw_message) {
  JSONObject payload = new JSONObject();
  String toParse = "";
  JSONObject toReturn;
  
  try {
    toParse = new String(raw_message, "UTF-8");
    Match gm = grok.match(toParse);
    gm.captures();
    
    toReturn = new JSONObject();
    
    toReturn.putAll(gm.toMap());
    toReturn.remove("SOURCEFIRE");
    String proto = toReturn.get("protocol").toString();
    proto = proto.replace("{", "");
    proto = proto.replace("}", "");
    toReturn.put("protocol", proto);
    return toReturn;
    
  }
  catch(Exception e)
  {
    e.printStackTrace();
    return null;
  }
  
}

代码示例来源:origin: OpenSOC/opensoc-streaming

Match gm = grok.match(toParse);
gm.captures();

代码示例来源:origin: org.graylog2/graylog2-server

private GrokTesterResponse doTestGrok(String string, String pattern, boolean namedCapturesOnly) throws GrokException {
    final Set<GrokPattern> grokPatterns = grokPatternService.loadAll();

    final Grok grok = new Grok();
    for (GrokPattern grokPattern : grokPatterns) {
      grok.addPattern(grokPattern.name(), grokPattern.pattern());
    }

    grok.compile(pattern, namedCapturesOnly);
    final Match match = grok.match(string);
    match.captures();
    final Map<String, Object> matches = match.toMap();

    final GrokTesterResponse response;
    if (matches.isEmpty()) {
      response = GrokTesterResponse.create(false, Collections.<GrokTesterResponse.Match>emptyList(), pattern, string);
    } else {
      final List<GrokTesterResponse.Match> responseMatches = Lists.newArrayList();
      for (final Map.Entry<String, Object> entry : matches.entrySet()) {
        final Object value = entry.getValue();
        if (value != null) {
          responseMatches.add(GrokTesterResponse.Match.create(entry.getKey(), value.toString()));
        }
      }

      response = GrokTesterResponse.create(true, responseMatches, pattern, string);
    }
    return response;
  }
}

代码示例来源:origin: caskdata/cdap

@Override
public StructuredRecord read(ByteBuffer input) throws UnexpectedFormatException {
 String bodyAsStr = Bytes.toString(input, StandardCharsets.UTF_8);
 StructuredRecord.Builder builder = StructuredRecord.builder(schema);
 Match gm = grok.match(bodyAsStr);
 gm.captures();
 Map<String, Object> x = gm.toMap();
 for (Schema.Field field : schema.getFields()) {
  String fieldName = field.getName();
  Object value = x.get(fieldName);
  if (value != null) {
   builder.convertAndSet(fieldName, value.toString());
  }
 }
 return builder.build();
}

代码示例来源:origin: com.wavefront/proxy

Match match = grok().match(logsMessage.getLogLine());
match.captures();
if (match.getEnd() == 0) return null;

代码示例来源:origin: wavefrontHQ/java

Match match = grok().match(logsMessage.getLogLine());
match.captures();
if (match.getEnd() == 0) return null;

代码示例来源:origin: co.cask.cdap/cdap-formats

@Override
public StructuredRecord read(StreamEvent event) throws UnexpectedFormatException {
 String bodyAsStr = Bytes.toString(event.getBody(), Charsets.UTF_8);
 StructuredRecord.Builder builder = StructuredRecord.builder(schema);
 Match gm = grok.match(bodyAsStr);
 gm.captures();
 Map<String, Object> x = gm.toMap();
 for (Schema.Field field : schema.getFields()) {
  String fieldName = field.getName();
  Object value = x.get(fieldName);
  if (value != null) {
   builder.convertAndSet(fieldName, value.toString());
  }
 }
 return builder.build();
}

相关文章

微信公众号

最新文章

更多