Events-log4j-parser: Difference between revisions
Jump to navigation
Jump to search
(→Usage) |
(→Query) |
||
| Line 28: | Line 28: | ||
The query filters the events that will displayed. | The query filters the events that will displayed. | ||
A query contains: | |||
* keywords | |||
* event fields | |||
* regular expressions | |||
When multiple keywords are present in query, the implied boolean operator is OR. For example, the following query: | |||
<pre> | |||
blue red | |||
</pre> | |||
will return all events that contain "blue" and all events that contain "red". | |||
Note that | |||
<pre> | |||
blue red | |||
</pre> | |||
and | |||
<pre> | |||
"blue red" | |||
</pre> | |||
are different. | |||
Revision as of 00:45, 3 June 2017
Internal
Overview
A library that produces timed events from log4j logs.
GitHub
Installation
Installs as a command line utility log4jp-<version>.zip.
TODO
./doc/Events log4j Parser TODO.docx.
Usage
log4jp <log-file> [query]
Query
The query filters the events that will displayed.
A query contains:
- keywords
- event fields
- regular expressions
When multiple keywords are present in query, the implied boolean operator is OR. For example, the following query:
blue red
will return all events that contain "blue" and all events that contain "red".
Note that
blue red
and
"blue red"
are different.