匹配 URIPATH 的 GROK 模式
GROK pattern to match URIPATH
这是我的样本 URL
http://localhost:8080/abc2/query/errorLogs
试图仅提取 query/errorLogs。为此,我尝试了下面的 GROK patten
(%{URIPROTO}://%{URIHOST}(?<path>/[^/]+/[^/]+/[^/]+))
低于输出我得到
{
"URIPROTO": [
[
"http"
]
],
"URIHOST": [
[
"localhost:8080"
]
],
"IPORHOST": [
[
"localhost"
]
],
"HOSTNAME": [
[
"localhost"
]
],
"IP": [
[
null
]
],
"IPV6": [
[
null
]
],
"IPV4": [
[
null
]
],
"port": [
[
"8080"
]
],
"path": [
[
"/abc2/query/errorLogs"
]
]
}
但我期待路径应该是“/query/errorLogs”。
试试这个:
(%{URIPROTO}://%{URIHOST}(?<first_path>/[^/]+)%{GREEDYDATA:path})
结果:
port 8080
first_path /abc2
path /query/errorLogs
这是我的样本 URL
http://localhost:8080/abc2/query/errorLogs
试图仅提取 query/errorLogs。为此,我尝试了下面的 GROK patten
(%{URIPROTO}://%{URIHOST}(?<path>/[^/]+/[^/]+/[^/]+))
低于输出我得到
{
"URIPROTO": [
[
"http"
]
],
"URIHOST": [
[
"localhost:8080"
]
],
"IPORHOST": [
[
"localhost"
]
],
"HOSTNAME": [
[
"localhost"
]
],
"IP": [
[
null
]
],
"IPV6": [
[
null
]
],
"IPV4": [
[
null
]
],
"port": [
[
"8080"
]
],
"path": [
[
"/abc2/query/errorLogs"
]
]
}
但我期待路径应该是“/query/errorLogs”。
试试这个:
(%{URIPROTO}://%{URIHOST}(?<first_path>/[^/]+)%{GREEDYDATA:path})
结果:
port 8080
first_path /abc2
path /query/errorLogs