《Elastic Stack 实战手册》——三、产品能力——3.4.入门篇——3.4.3.Kibana基础应用(6) https://developer.aliyun.com/article/1228979
例一
input
[2020-04-03T16:51:35,918] [DEBUG] [o.e.a.a.c.n.i.TransportNodesInfoAction] [data02-131-211] failed to execute on node [08GhVGGgRCqUE3qAdXf04g] org.elasticsearch.transport.NodeNotConnectedException: [master01-34.5][172.16.34.5:9300] Node not connected
pattern
(?<date>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2},\d{3})\] \[(?<loglevel>[A-Z \s]{4,5})] \[(?<service>[A-Za-z0-9/.]{4,40})\] \[(?<node>[A-Za-z0-9/-]{4,40})\] (?<msg>.*)
result
"date": [ [ "2020-04-03T16:51:35,918" ] ], "loglevel": [ [ "DEBUG" ] ], "service": [ [ "o.e.a.a.c.n.i.TransportNodesInfoAction" ] ], "node": [ [ "data02-131-211" ] ], "msg": [ [ "failed to execute on node [08GhVGGgRCqUE3qAdXf04g] org.elasticsearch.transport.NodeNotConnectedException: [master01-34.5][172.16.34.5:9300] Node not connected" ] ] }
例二
input
[2020-04-03 09:04:20,446][INFO][Thread-16][c.h.jobhandler.ELKTestJobHandlervds.6665][ELKTestJobHandler.java : 32][elkTestJobHandler: 普通日志输出测试]
pattern
(?<date>\d{4}-\d{2}-\d{2}\s\d{2}:\d{2}:\d{2},\d{3})\]\[(?<loglevel>[A-Z]{4,5})\]\[(?<thread>[A-Za-z0-9-/-]{4,40})\]\[(?<class>[A-Za-z0-9/.]{4,40})\]\[(?<msg>.*)
result
{ "date": [ [ "2020-04-03 09:04:20,446" ] ], "loglevel": [ [ "INFO" ] ], "thread": [ [ "Thread-16" ] ], "class": [ [ "c.h.jobhandler.ELKTestJobHandlervds.6665" ] ], "msg": [ [ "ELKTestJobHandler.java : 32][elkTestJobHandler: 普通日志输出测试]" ] ] }
例三
input
2018/05/01 16:16:01.892 - OK - 759.2ms - 172.29.1.7:35184[485388]->172.7.1.39:3306[1525162561129639717]:<DB>:select count(*) from test[];
pattern
(?<date>\d{4}/\d{2}/\d{2}\s(?<datetime>%{TIME}))\s-\s(?<status>\w{2})\s-\s(?<respond_time>\d+)\.\d+\w{2}\s-\s%{IP:client}:(?<client-port>\d+)\[\d+\]->%{IP:server}:(?<server-port>\d+).*:(?<databases><\w+>):(?<SQL>.*)
result
{ "date": [ [ "2018/05/01 16:16:01.892" ] ], "datetime": [ [ "16:16:01.892" ] ], "TIME": [ [ "16:16:01.892" ] ], "HOUR": [ [ "16" ] ], "MINUTE": [ [ "16" ] ], "SECOND": [ [ "01.892" ] ], "status": [ [ "OK" ] ], "respond_time": [ [ "759" ] ], "client": [ [ "172.29.1.7" ] ], "IPV6": [ [ null, null ] ], "IPV4": [ [ "172.29.1.7", "172.7.1.39" ] ], "client-port": [ [ "35184" ] ], "server": [ [ "172.7.1.39" ] ], "server-port": [ [ "3306" ] ], "databases": [ [ "<DB>" ] ], "SQL": [ [ "select count(*) from test[];" ] ] }
《Elastic Stack 实战手册》——三、产品能力——3.4.入门篇——3.4.3.Kibana基础应用(8) https://developer.aliyun.com/article/1228977
