Example 1 with Match
use of oi.thekraken.grok.api.Match in project graylog2-server by Graylog2.
the class GrokExtractor method run.
@Override
protected Result[] run(String value) {
// the extractor instance is rebuilt every second anyway
final Match match = grok.match(value);
match.captures();
final Map<String, Object> matches = match.toMap();
final List<Result> results = Lists.newArrayListWithCapacity(matches.size());
for (final Map.Entry<String, Object> entry : matches.entrySet()) {
// never add null values to the results, those don't make sense for us
if (entry.getValue() != null) {
results.add(new Result(entry.getValue(), entry.getKey(), -1, -1));
}
}
return results.toArray(new Result[results.size()]);
}Example 2 with Match
use of oi.thekraken.grok.api.Match in project graylog2-server by Graylog2.
the class GrokTesterResource method doTestGrok.
private GrokTesterResponse doTestGrok(String string, String pattern, boolean namedCapturesOnly) throws GrokException {
final Set<GrokPattern> grokPatterns = grokPatternService.loadAll();
final Grok grok = new Grok();
for (GrokPattern grokPattern : grokPatterns) {
grok.addPattern(grokPattern.name(), grokPattern.pattern());
}
grok.compile(pattern, namedCapturesOnly);
final Match match = grok.match(string);
match.captures();
final Map<String, Object> matches = match.toMap();
final GrokTesterResponse response;
if (matches.isEmpty()) {
response = GrokTesterResponse.create(false, Collections.<GrokTesterResponse.Match>emptyList(), pattern, string);
} else {
final List<GrokTesterResponse.Match> responseMatches = Lists.newArrayList();
for (final Map.Entry<String, Object> entry : matches.entrySet()) {
final Object value = entry.getValue();
if (value != null) {
responseMatches.add(GrokTesterResponse.Match.create(entry.getKey(), value.toString()));
}
}
response = GrokTesterResponse.create(true, responseMatches, pattern, string);
}
return response;
}
Also used :
GrokPattern(org.graylog2.grok.GrokPattern)
Grok(oi.thekraken.grok.api.Grok)
Map(java.util.Map)
GrokTesterResponse(org.graylog2.rest.resources.tools.responses.GrokTesterResponse)
Match(oi.thekraken.grok.api.Match)
Example 3 with Match
use of oi.thekraken.grok.api.Match in project cdap by caskdata.
the class GrokRecordFormat method read.
@Override
public StructuredRecord read(StreamEvent event) throws UnexpectedFormatException {
String bodyAsStr = Bytes.toString(event.getBody(), Charsets.UTF_8);
StructuredRecord.Builder builder = StructuredRecord.builder(schema);
Match gm = grok.match(bodyAsStr);
gm.captures();
Map<String, Object> x = gm.toMap();
for (Schema.Field field : schema.getFields()) {
String fieldName = field.getName();
Object value = x.get(fieldName);
if (value != null) {
builder.convertAndSet(fieldName, value.toString());
}
}
return builder.build();
}
Also used :
Schema(co.cask.cdap.api.data.schema.Schema)
StructuredRecord(co.cask.cdap.api.data.format.StructuredRecord)
Match(oi.thekraken.grok.api.Match)
Aggregations
Match (oi.thekraken.grok.api.Match)3
Map (java.util.Map)2
StructuredRecord (co.cask.cdap.api.data.format.StructuredRecord)1
Schema (co.cask.cdap.api.data.schema.Schema)1
Grok (oi.thekraken.grok.api.Grok)1
GrokPattern (org.graylog2.grok.GrokPattern)1
GrokTesterResponse (org.graylog2.rest.resources.tools.responses.GrokTesterResponse)1
