zoukankan      html  css  js  c++  java

  • (?m) 标记

    <pre name="code" class="html">在和 codec/multiline 搭配使用的时候,需要注意一个问题,grok 正则和普通正则一样,默认是不支持匹配回车换行的。就像你需要 =~ //m 一样也需要单独指定,具体写法是在表达式开始位置加 (?m) 标记。如下所示:

match => {
    "message" => "(?m)s+(?<request_time>d+(?:.d+)?)s+"
}
input {
        file {
                type => "zj_mysql"
                path => ["/data01/applog_backup/zjzc_log/zj-mysql01-slowlog.*"]
                 codec => multiline {
      pattern => "^s+#s+User@Host:"
      negate => true
      what => "previous"
    }


        }
    
       file { 
                type => "wj_mysql" 
                path => ["/data01/applog_backup/winfae_log/wj-mysql01-slowlog.*"] 
                 codec => multiline {
      pattern => "^s+#s+User@Host:"
      negate => true
      what => "previous"
    }


        } 
        


    }


filter {
  # drop sleep events
  grok {
    match => { "message" => "SELECT SLEEP" }
    add_tag => [ "sleep_drop" ]
    tag_on_failure => [] # prevent default _grokparsefailure tag on real records
  }
  if "sleep_drop" in [tags] {
    drop {}
  }
  grok {
    match => [ "message","(?m)s*# User@Host:s+S+[%{USER:user}]s+@s+[%{IP:clientip}]s+(?<id>(S+s+)*S+)s*#s+Query_time:s+%{NUMBER:Query_time}s+Lock_time: %{NUMBER:lock_time}s+Rows_sent: %{NUMBER:rows_sent}s+Rows_examined: %{NUMBER:rows_examined}s*
s*SETs+timestamp=%{NUMBER:timestamp};s*(?<query>(s*S+s*).*)s*" 
]
  }
  date {
    match => [ "timestamp", "UNIX" ]
    remove_field => [ "timestamp" ]
  }
}
output {
     if [type] == "zj_mysql" { 
        redis {
                host => "192.168.32.67"
                data_type => "list"
                key => "zj_mysql:redis"
                port=>"6379"
                password => "1234567"
        }
}
      else if [type] == "wj_mysql"{
       redis { 
                host => "192.168.32.67" 
                data_type => "list" 
                key => "wj_mysql:redis" 
                port=>"6379" 
                password => "1234567" 
        } 
}
}
  


  


    
                                    

    
    
                
    
                
              
    • 
              
    
              
  • 

                相关阅读:
    
                
                  vue-router(路由)详细教程
                    
    vue路由对象($route)参数简介
                    
    this.$router.push相关的vue-router的导航方法
                    
    es6 Promise.reject()方法
                    
    百度阿里网易大疆等大小厂前端校招面筋 | 掘金技术征文
                    
    Vue 脱坑记
                    
    (尚016)Vue指令(11个自带指令+自定义指令)
                    
    (尚015)Vue过滤器(对显示的数据进行格式化)
                    
    (尚014)Vue过渡与动画
                    
    (尚013)Vue的生命周期
                    
                        
              
    • 
              
    
              
  • 
                原文地址:https://www.cnblogs.com/hzcya1995/p/13350323.html
              
    • 

            

          



          
          

            

            

          

        

      

      



      

      

        

          Copyright © 2011-2022 走看看