Events-log4j-parser: Difference between revisions
Jump to navigation
Jump to search
| Line 47: | Line 47: | ||
will return all events that contain "blue" and all events that contain "red". Those events that contain both "blue" and "red" will be represented once in the returned set. | will return all events that contain "blue" and all events that contain "red". Those events that contain both "blue" and "red" will be represented once in the returned set. | ||
Note that | Note that: | ||
<pre> | <pre> | ||
| Line 53: | Line 53: | ||
</pre> | </pre> | ||
and | and: | ||
<pre> | <pre> | ||
Revision as of 15:14, 19 July 2017
Internal
Overview
A library that produces timed events from log4j logs.
GitHub
Installation
Installs as a command line utility log4jp-<version>.zip.
TODO
./doc/Events log4j Parser TODO.docx.
Usage
log4jp <log-file> [query]
Query
The query filters the events that will displayed.
A query contains:
- keywords
- event properties
- regular expressions
Keyword Query
The keyword query is by default case insensitive, unless ... is specified.
When multiple separate keywords are present in query, the query selects the union of events that contain each keyword.
blue red
will return all events that contain "blue" and all events that contain "red". Those events that contain both "blue" and "red" will be represented once in the returned set.
Note that:
blue red
and:
"blue red"
are different.
Keywords are matched against each property.
Event Property Query
Event property values can be queried using the following syntax:
property-name:query