mirror of https://github.com/tstack/lnav.git
[parse] show the path of the pattern used to parse the top line
This commit is contained in:
Timothy Stack
parent
e2c08d1da7
commit
f392822aa8
|
|
@ -11,7 +11,7 @@
|
|||
"pattern" : "^(?<timestamp>\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{3})?) (?<c_ip>[^ ]+) (?<cs_username>[^ ]+) (?<cs_method>[A-Z]+) \"(?<cs_uri_stem>[^ \\?]+)(?:\\?(?<cs_uri_query>[^ ]*))?\" (?:-1|\\d+) (?<sc_status>\\d+) \\d+"
|
||||
},
|
||||
"std" : {
|
||||
"pattern" : "^(?<c_ip>[\\w\\.:\\-]+)\\s+[\\w\\.\\-]+\\s+(?<cs_username>\\S+)\\s+\\[(?<timestamp>[^\\]]+)\\] \"(?:\\-|(?<cs_method>\\w+) (?<cs_uri_stem>[^ \\?]+)(?:\\?(?<cs_uri_query>[^ ]*))? (?<cs_version>[\\w/\\.]+))\" (?<sc_status>\\d+) (?<sc_bytes>\\d+|-)(?: \"(?<cs_referer>[^\"]+)\" \"(?<cs_user_agent>[^\"]+)\")?(?<body>.*)"
|
||||
"pattern" : "^(?<c_ip>[\\w\\.:\\-]+)\\s+[\\w\\.\\-]+\\s+(?<cs_username>\\S+)\\s+\\[(?<timestamp>[^\\]]+)\\] \"(?:\\-|(?<cs_method>\\w+) (?<cs_uri_stem>[^ \\?]+)(?:\\?(?<cs_uri_query>[^ ]*))? (?<cs_version>[\\w/\\.]+))\" (?<sc_status>\\d+) (?<sc_bytes>\\d+|-)(?: \"(?<cs_referer>[^\"]+)\" \"(?<cs_user_agent>[^\"]+)\")?\\s*(?<body>.*)"
|
||||
}
|
||||
},
|
||||
"level-field": "sc_status",
|
||||
|
|
@ -791,7 +791,7 @@
|
|||
"url" : "http://en.wikipedia.org/wiki/Syslog",
|
||||
"regex" : {
|
||||
"std" : {
|
||||
"pattern" : "^(?<timestamp>\\w{3}\\s+\\d{1,2} \\d{2}:\\d{2}:\\d{2})(?: (?<log_hostname>[a-zA-Z0-9:][^ ]+[a-zA-Z0-9]))?(?:(?: (?<log_procname>(?:[^\\[:]+|[^:]+))(?:\\[(?<log_pid>\\d+)])?:(?<body>(?:.|\\n)*))$|:?(?:(?: ---)? last message repeated \\d+ times?(?: ---)?))"
|
||||
"pattern" : "^(?<timestamp>\\w{3}\\s+\\d{1,2} \\d{2}:\\d{2}:\\d{2})(?: (?<log_hostname>[a-zA-Z0-9:][^ ]+[a-zA-Z0-9]))?(?:(?: (?<log_procname>(?:[^\\[:]+|[^:]+))(?:\\[(?<log_pid>\\d+)\\])?:(?<body>(?:.|\\n)*))$|:?(?:(?: ---)? last message repeated \\d+ times?(?: ---)?))"
|
||||
}
|
||||
},
|
||||
"level-field" : "body",
|
||||
|
|
|
|||
|
|
@ -32,6 +32,7 @@
|
|||
#include "lnav.hh"
|
||||
|
||||
#include "field_overlay_source.hh"
|
||||
#include "readline_highlighters.hh"
|
||||
|
||||
using namespace std;
|
||||
|
||||
|
|
@ -80,6 +81,17 @@ size_t field_overlay_source::list_overlay_count(const listview_curses &lv)
|
|||
|
||||
this->fos_lines.clear();
|
||||
|
||||
log_format *lf = this->fos_log_helper.ldh_file->get_format();
|
||||
if (!lf->get_pattern_regex().empty()) {
|
||||
attr_line_t pattern_al;
|
||||
std::string &pattern_str = pattern_al.get_string();
|
||||
pattern_str = " Pattern: " + lf->get_pattern_name() + " = ";
|
||||
int skip = pattern_str.length();
|
||||
pattern_str += lf->get_pattern_regex();
|
||||
readline_regex_highlighter(pattern_al, skip);
|
||||
this->fos_lines.push_back(pattern_al);
|
||||
}
|
||||
|
||||
char old_timestamp[64], curr_timestamp[64];
|
||||
struct timeval curr_tv, offset_tv, orig_tv;
|
||||
char log_time[256];
|
||||
|
|
|
|||
|
|
@ -614,6 +614,16 @@ public:
|
|||
void check_for_new_year(std::vector<logline> &dst,
|
||||
const struct timeval &log_tv);
|
||||
|
||||
virtual std::string get_pattern_name() const {
|
||||
char name[32];
|
||||
snprintf(name, sizeof(name), "builtin (%d)", this->lf_fmt_lock);
|
||||
return name;
|
||||
};
|
||||
|
||||
virtual std::string get_pattern_regex() const {
|
||||
return "";
|
||||
};
|
||||
|
||||
date_time_scanner lf_date_time;
|
||||
int lf_fmt_lock;
|
||||
intern_string_t lf_timestamp_field;
|
||||
|
|
@ -624,6 +634,12 @@ protected:
|
|||
static std::vector<log_format *> lf_root_formats;
|
||||
|
||||
struct pcre_format {
|
||||
pcre_format(const char *regex) : name(regex), pcre(regex) {
|
||||
|
||||
};
|
||||
|
||||
pcre_format() : name(NULL), pcre("") { };
|
||||
|
||||
const char *name;
|
||||
pcrepp pcre;
|
||||
};
|
||||
|
|
@ -680,6 +696,7 @@ public:
|
|||
struct pattern {
|
||||
pattern() : p_pcre(NULL) { };
|
||||
|
||||
std::string p_config_path;
|
||||
std::string p_string;
|
||||
pcrepp *p_pcre;
|
||||
std::vector<value_def> p_value_by_index;
|
||||
|
|
@ -791,6 +808,20 @@ public:
|
|||
this->elf_value_defs.find(ist) != this->elf_value_defs.end());
|
||||
}
|
||||
|
||||
std::string get_pattern_name() const {
|
||||
if (this->jlf_json) {
|
||||
return "json";
|
||||
}
|
||||
return this->elf_pattern_order[this->lf_fmt_lock]->p_config_path;
|
||||
}
|
||||
|
||||
std::string get_pattern_regex() const {
|
||||
if (this->jlf_json) {
|
||||
return "";
|
||||
}
|
||||
return this->elf_pattern_order[this->lf_fmt_lock]->p_string;
|
||||
}
|
||||
|
||||
std::set<std::string> elf_source_path;
|
||||
std::list<intern_string_t> elf_collision;
|
||||
std::string elf_file_pattern;
|
||||
|
|
|
|||
|
|
@ -87,24 +87,28 @@ class generic_log_format : public log_format {
|
|||
|
||||
static pcre_format *get_pcre_log_formats() {
|
||||
static pcre_format log_fmt[] = {
|
||||
{ "", pcrepp("^(?<timestamp>[\\dTZ: +/\\-,\\.-]+)([^:]+)") },
|
||||
{ "", pcrepp("^(?<timestamp>[\\w:+/\\.-]+) \\[\\w (.*)") },
|
||||
{ "", pcrepp("^(?<timestamp>[\\w:,/\\.-]+) (.*)") },
|
||||
{ "", pcrepp("^(?<timestamp>[\\w: \\.,/-]+)\\[[^\\]]+\\](.*)") },
|
||||
{ "", pcrepp("^(?<timestamp>[\\w: \\.,/-]+) (.*)") },
|
||||
pcre_format("^(?<timestamp>[\\dTZ: +/\\-,\\.-]+)([^:]+)"),
|
||||
pcre_format("^(?<timestamp>[\\w:+/\\.-]+) \\[\\w (.*)"),
|
||||
pcre_format("^(?<timestamp>[\\w:,/\\.-]+) (.*)"),
|
||||
pcre_format("^(?<timestamp>[\\w: \\.,/-]+)\\[[^\\]]+\\](.*)"),
|
||||
pcre_format("^(?<timestamp>[\\w: \\.,/-]+) (.*)"),
|
||||
|
||||
{ "", pcrepp("^\\[(?<timestamp>[\\d: \\.-]+) \\w+ (.*)") },
|
||||
{ "", pcrepp("^\\[(?<timestamp>[\\w: +/-]+)\\] (.*)") },
|
||||
{ "", pcrepp("^\\[(?<timestamp>[\\w: +/-]+)\\] \\[(\\w+)\\]") },
|
||||
{ "", pcrepp("^\\[(?<timestamp>[\\w: \\.+/-]+)\\] \\w+ (.*)") },
|
||||
{ "", pcrepp("^\\[(?<timestamp>[\\w: +/-]+)\\] \\(\\d+\\) (.*)") },
|
||||
pcre_format("^\\[(?<timestamp>[\\d: \\.-]+) \\w+ (.*)"),
|
||||
pcre_format("^\\[(?<timestamp>[\\w: +/-]+)\\] (.*)"),
|
||||
pcre_format("^\\[(?<timestamp>[\\w: +/-]+)\\] \\[(\\w+)\\]"),
|
||||
pcre_format("^\\[(?<timestamp>[\\w: \\.+/-]+)\\] \\w+ (.*)"),
|
||||
pcre_format("^\\[(?<timestamp>[\\w: +/-]+)\\] \\(\\d+\\) (.*)"),
|
||||
|
||||
{ NULL, pcrepp("") }
|
||||
pcre_format()
|
||||
};
|
||||
|
||||
return log_fmt;
|
||||
};
|
||||
|
||||
std::string get_pattern_regex() const {
|
||||
return get_pcre_log_formats()[this->lf_fmt_lock].name;
|
||||
}
|
||||
|
||||
intern_string_t get_name() const {
|
||||
return intern_string::lookup("generic_log");
|
||||
};
|
||||
|
|
|
|||
|
|
@ -80,7 +80,10 @@ static int read_format_regex(yajlpp_parse_context *ypc, const unsigned char *str
|
|||
|
||||
log_debug(" format regex: %s/%s = %s",
|
||||
elf->get_name().get(), regex_name.c_str(), value.c_str());
|
||||
elf->elf_patterns[regex_name].p_string = value;
|
||||
struct external_log_format::pattern &pat = elf->elf_patterns[regex_name];
|
||||
|
||||
pat.p_config_path = ypc->get_path().to_string();
|
||||
pat.p_string = value;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue