Grok patterns

Patterns for parsing and structuring log messages for different services with Vector.

Use this app for debugging your patterns! Be careful, there might be subtle differences!

When issuing pull requests to this repository, don't forget to include an example of the messages your commits try to parse!!

Adding pattern

Develop a new PATTERN typically in its own file, and call the main new pattern <PATTERN>_MSG.

Then you can:

Add the new message pattern to the Vector config file in the section [transforms.syslog]. Typically, you will add it to the top-level list of patterns to try (second argument of parse_groks).
Include the definitions for this grok pattern in its own JSON file <PATTERN>.json, in the format given by the existing JSON files. You will need to add this filename to the vector.toml config file under the parse_groks argument alias_sources.
Add tests for your pattern in tests/<PATTERN>.toml. Specify the input, and compose the VRL program that asserts the expected structured output.

Name		Name	Last commit message	Last commit date
Latest commit History 278 Commits
.github/workflows		.github/workflows
files		files
tests		tests
.gitignore		.gitignore
Jenkinsfile		Jenkinsfile
LICENSE		LICENSE
MANIFEST.in		MANIFEST.in
README.md		README.md
runtest.py		runtest.py
setup.cfg		setup.cfg
setup.py		setup.py
tox.ini		tox.ini
vsc-ci.ini		vsc-ci.ini