Events-log4j-parser: Difference between revisions
(→Usage) |
|||
Line 42: | Line 42: | ||
==Log Format Specification== | ==Log Format Specification== | ||
The parser may be configured to expect a specific log4j format specification, which then it will try to use when parsing the file. | |||
The log format specification is optional. If not specified, heuristic rules are used to parse the file, but the results may be not what you expect, if the heuristics fails. | |||
If the log format specification is provided, it should be the exact string that otherwise may be used to provide specification to the log4j API, enclosed in single quotes, to avoid various bash command line expansions. If the parser realizes that the log file content does not match the provided format specification, the parser will fail. | |||
-f '''log4j-format-string''' | --format='''log4j-format-string''' | |||
==Query Syntax== | ==Query Syntax== | ||
The query is optional, If specified, it must follow the syntax described here: {{Internal|Events-api_Concepts#Query|Queries}} | The query is optional, If specified, it must follow the syntax described here: {{Internal|Events-api_Concepts#Query|Queries}} |
Revision as of 15:04, 28 October 2017
Internal
Overview
A library that produces timed events from log4j logs.
GitHub
Installation
Installs as a command line utility lg-<version>.zip.
TODO
./doc/Events log4j Parser TODO.docx.
Usage
lg [query] [log-format-specification] [command] [command options] <log-file1> [log-file2 ...]
The command is optional.
When the command is missing, the implied command is "output", which works as described here:
Unless output filtering options are used, the events are displayed in their raw format, which is how they appear in the original log.
Commands:
- help
- version
- output
- describe - displays a description of the events produced as the result of the parsing.
- time-gaps - identify time gaps in the log
- count (-c) - display the number of events that match the query.
- exclude (-x) - filter out the events that match the query, and only display those that do not match. This command is equivalent with the grep --invert-match (-v) option.
For more details about commands (procedures), see:
Log Format Specification
The parser may be configured to expect a specific log4j format specification, which then it will try to use when parsing the file.
The log format specification is optional. If not specified, heuristic rules are used to parse the file, but the results may be not what you expect, if the heuristics fails.
If the log format specification is provided, it should be the exact string that otherwise may be used to provide specification to the log4j API, enclosed in single quotes, to avoid various bash command line expansions. If the parser realizes that the log file content does not match the provided format specification, the parser will fail.
-f 'log4j-format-string | --format='log4j-format-string
Query Syntax
The query is optional, If specified, it must follow the syntax described here: