本文整理了Java中oi.thekraken.grok.api.Grok.match()
方法的一些代码示例,展示了Grok.match()
的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Grok.match()
方法的具体详情如下:
包路径:oi.thekraken.grok.api.Grok
类名称:Grok
方法名:match
暂无
代码示例来源:origin: spotify/heroic
public Map<String, Object> parse(final String input) {
final Match m = instance.match(input);
if (m == Match.EMPTY) {
return ImmutableMap.of();
}
m.captures();
return m.toMap();
}
}
代码示例来源:origin: apache/metron
Set<String> keys = new TreeSet<>();
for(String str : strs) {
Match m = grok.match(str);
m.captures();
Map<String, Object> ret = m.toMap();
代码示例来源:origin: apache/metron
LOG.debug("Grok parser parsing message: {}", originalMessage);
try {
Match gm = grok.match(originalMessage);
gm.captures();
JSONObject message = new JSONObject();
代码示例来源:origin: apache/metron
originalMessage = new String(rawMessage, "UTF-8");
LOG.debug("Grok parser parsing message: {}",originalMessage);
Match gm = grok.match(originalMessage);
gm.captures();
JSONObject message = new JSONObject();
代码示例来源:origin: apache/metron
Match syslogMatch = syslogGrok.match(logLine);
syslogMatch.captures();
if (!syslogMatch.isNull()) {
Match messageMatch = asaGrok.match(messageContent);
messageMatch.captures();
if (!messageMatch.isNull()) {
代码示例来源:origin: apache/metron
@Override
public GrokValidation validateGrokStatement(GrokValidation grokValidation) throws RestException {
Map<String, Object> results;
try {
if (grokValidation.getPatternLabel() == null) {
throw new RestException("Pattern label is required");
}
if (Strings.isEmpty(grokValidation.getStatement())) {
throw new RestException("Grok statement is required");
}
Grok grok = new Grok();
grok.addPatternFromReader(new InputStreamReader(getClass().getResourceAsStream(
"/patterns/common")));
grok.addPatternFromReader(new StringReader(grokValidation.getStatement()));
String grokPattern = "%{" + grokValidation.getPatternLabel() + "}";
grok.compile(grokPattern);
Match gm = grok.match(grokValidation.getSampleData());
gm.captures();
results = gm.toMap();
results.remove(grokValidation.getPatternLabel());
} catch (Exception e) {
throw new RestException(e);
}
grokValidation.setResults(results);
return grokValidation;
}
代码示例来源:origin: OpenSOC/opensoc-streaming
private Map<String, Object> getMap(String pattern, String text)
throws GrokException {
Grok g = grokMap.get(pattern);
if (g != null) {
Match gm = g.match(text);
gm.captures();
return gm.toMap();
} else {
return new HashMap<String, Object>();
}
}
代码示例来源:origin: org.graylog2/graylog2-server
@Override
protected Result[] run(String value) {
// the extractor instance is rebuilt every second anyway
final Match match = grok.match(value);
match.captures();
final Map<String, Object> matches = match.toMap();
final List<Result> results = Lists.newArrayListWithCapacity(matches.size());
for (final Map.Entry<String, Object> entry : matches.entrySet()) {
// never add null values to the results, those don't make sense for us
if (entry.getValue() != null) {
results.add(new Result(entry.getValue(), entry.getKey(), -1, -1));
}
}
return results.toArray(new Result[results.size()]);
}
}
代码示例来源:origin: com.tomitribe.tribestream/tribestream-container
public Map<String, Object> grokIt(final String message) {
try {
final Match gm = grok.match(message);
gm.captures();
return gm.toMap();
} catch (final Throwable t) {
// the message will still be in elastic search so no need to throw any error or severe log
LOGGER.fine(ContainerCodes.CANT_GROK_MESSAGE, "Can't grok the message {0}. Error is {1}.", new Object[]{message, t.getMessage()});
return new HashMap<>();
}
}
代码示例来源:origin: stackoverflow.com
Grok grok = Grok.create("pat.txt");
// compile and add semantic
grok.compile("%{NUMBER:hits} %{USER:word}");
String str = "234 wdfd\n";
Match m = grok.match(str);
m.captures();
// Print
System.out.println(m.toJson());
// Here you dont need to create a new instance of grok [grok = Grok.EMPTY;]
str = "ssdfsdf\n";
// here you can reuse the matcher if you want.
Match m2 = grok.match(str);
m2.captures();
System.out.println(m2.toJson());
代码示例来源:origin: OpenSOC/opensoc-streaming
@Override
public JSONObject parse(byte[] raw_message) {
JSONObject payload = new JSONObject();
String toParse = "";
JSONObject toReturn;
try {
toParse = new String(raw_message, "UTF-8");
Match gm = grok.match(toParse);
gm.captures();
toReturn = new JSONObject();
toReturn.putAll(gm.toMap());
toReturn.remove("SOURCEFIRE");
String proto = toReturn.get("protocol").toString();
proto = proto.replace("{", "");
proto = proto.replace("}", "");
toReturn.put("protocol", proto);
return toReturn;
}
catch(Exception e)
{
e.printStackTrace();
return null;
}
}
代码示例来源:origin: OpenSOC/opensoc-streaming
Match gm = grok.match(toParse);
gm.captures();
代码示例来源:origin: org.graylog2/graylog2-server
private GrokTesterResponse doTestGrok(String string, String pattern, boolean namedCapturesOnly) throws GrokException {
final Set<GrokPattern> grokPatterns = grokPatternService.loadAll();
final Grok grok = new Grok();
for (GrokPattern grokPattern : grokPatterns) {
grok.addPattern(grokPattern.name(), grokPattern.pattern());
}
grok.compile(pattern, namedCapturesOnly);
final Match match = grok.match(string);
match.captures();
final Map<String, Object> matches = match.toMap();
final GrokTesterResponse response;
if (matches.isEmpty()) {
response = GrokTesterResponse.create(false, Collections.<GrokTesterResponse.Match>emptyList(), pattern, string);
} else {
final List<GrokTesterResponse.Match> responseMatches = Lists.newArrayList();
for (final Map.Entry<String, Object> entry : matches.entrySet()) {
final Object value = entry.getValue();
if (value != null) {
responseMatches.add(GrokTesterResponse.Match.create(entry.getKey(), value.toString()));
}
}
response = GrokTesterResponse.create(true, responseMatches, pattern, string);
}
return response;
}
}
代码示例来源:origin: caskdata/cdap
@Override
public StructuredRecord read(ByteBuffer input) throws UnexpectedFormatException {
String bodyAsStr = Bytes.toString(input, StandardCharsets.UTF_8);
StructuredRecord.Builder builder = StructuredRecord.builder(schema);
Match gm = grok.match(bodyAsStr);
gm.captures();
Map<String, Object> x = gm.toMap();
for (Schema.Field field : schema.getFields()) {
String fieldName = field.getName();
Object value = x.get(fieldName);
if (value != null) {
builder.convertAndSet(fieldName, value.toString());
}
}
return builder.build();
}
代码示例来源:origin: com.wavefront/proxy
Match match = grok().match(logsMessage.getLogLine());
match.captures();
if (match.getEnd() == 0) return null;
代码示例来源:origin: wavefrontHQ/java
Match match = grok().match(logsMessage.getLogLine());
match.captures();
if (match.getEnd() == 0) return null;
代码示例来源:origin: co.cask.cdap/cdap-formats
@Override
public StructuredRecord read(StreamEvent event) throws UnexpectedFormatException {
String bodyAsStr = Bytes.toString(event.getBody(), Charsets.UTF_8);
StructuredRecord.Builder builder = StructuredRecord.builder(schema);
Match gm = grok.match(bodyAsStr);
gm.captures();
Map<String, Object> x = gm.toMap();
for (Schema.Field field : schema.getFields()) {
String fieldName = field.getName();
Object value = x.get(fieldName);
if (value != null) {
builder.convertAndSet(fieldName, value.toString());
}
}
return builder.build();
}
内容来源于网络,如有侵权,请联系作者删除!