任何人都可以帮我从以下日志中提取日志log-level -
2017-05-16 11:52:37,962|DEBUG|logging.WorkerThread|pool-2-thread-1|RequestId:31|ServiceInstanceId:31|VirtualServerName:31|ServiceName:31|InstanceUUID:31|AlertSeverity:31|ServerIPAddress:31|ServerFQDN:31|RemoteHost:31|ClassName:31|Timer:31| This is debug
我正在使用波纹管模式来生成它 -
value="%date{ISO8601,UTC}|%.-5level|%logger|%thread|%X{LogType}|%X{Component}|%X{RequestId}|%X{ServiceInstanceId}|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" />
我期待这样的事情——
{
"message" => "2017-05-16 11:52:37,962|DEBUG|logging.WorkerThread|pool-2-thread-1|RequestId:31|ServiceInstanceId:31|VirtualServerName:31|ServiceName:31|InstanceUUID:31|AlertSeverity:31|ServerIPAddress:31|ServerFQDN:31|RemoteHost:31|ClassName:31|Timer:31| This is debug",
"timestamp" => "2017-05-16 11:52:37,962",
"log-level" => "DEBUG",
}
尝试以下模式:
%{TIMESTAMP_ISO8601:Data}|%{WORD:LogLevel}|%{NOTSPACE:WorkerThread}|pool-%{WORD:PoolNumber}-thread-%{WORD:ThreadNumber}|RequestId:%{NUMBER:RequestId}|ServiceInstanceId:%{NUMBER:ServiceInstance}|VirtualServerName:%{NUMBER:VirtualServerName}|ServiceName:%{NUMBER:ServiceName}|InstanceUUID:%{NUMBER:InstanceUUID}|AlertSeverity:%{NUMBER:AlertSeverity}|ServerIPAddress:%{NUMBER:ServerIPAddress}|ServerFQDN:%{NUMBER:ServerFQDN}|RemoteHost:%{NUMBER:RemoteHost}|ClassName:%{NUMBER:ClassName}|Timer:%{NUMBER:Timer}|%{GREEDYDATA:Text}
这将提取您的所有字段。 基于给出的日志行示例。