Grok Maker is an application that semi-automates the development and deployment of Elasticsearch grok patterns and regular expressions to identify, parse, and extract content from classes of log messages for ingestion into an Elasticsearch (ES) instance. From an initial collection of log messages it automatically generates groks that identify and extract the relevant data from every class of log message present. The generated groks can then be refined by labeling the information they extract. The application also manages the deployment of the groks to fluentd instances, which push the parsed messages into an Elasticsearch instance. Additionally, a fluentd plugin performs real-time analysis of the classes of log messages received, statistically identifying messages that are occurring with an unusually high frequency.
Grok Maker is an application that semi-automates the development and deployment of Elasticsearch grok patterns and regular expressions to identify, parse, and extract content from classes of log messages for ingestion into an Elasticsearch (ES) instance. From an initial collection of log messages it automatically generates groks that identify and extract the relevant data from every class of log message present. The generated groks can then be refined by labeling the information they extract. The application also manages the deployment of the groks to fluentd instances, which push the extracted content into an ES instance. An optional fluentd plugin performs real-time analysis of the classes of log messages received, statistically identifying messages that are occurring with an unusually high frequency.
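The two pieces described above, grok-style extraction of fields from log message classes and a frequency check over the resulting classes, can be illustrated with a small added example. This is example code written for this page, not Grok Maker's own code or its plugin; the three grok patterns, the class names, the `_unmatched` bucket, the sample log lines and the mean-plus-z-standard-deviations threshold are all constructed assumptions, not anything the application is documented to use.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Grok-style patterns: every named group becomes an extracted field.
# Patterns and class names are constructed for this example only.
SYSLOG_PREFIX = r"^(?P<timestamp>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
GROK_PATTERNS = {
    "sshd_failed_password": re.compile(
        SYSLOG_PREFIX
        + r"sshd\[(?P<pid>\d+)\]: Failed password for (?:invalid user )?(?P<user>\S+) "
        + r"from (?P<src_ip>" + IPV4 + r") port (?P<port>\d+)"
    ),
    "sshd_accepted_publickey": re.compile(
        SYSLOG_PREFIX
        + r"sshd\[(?P<pid>\d+)\]: Accepted publickey for (?P<user>\S+) "
        + r"from (?P<src_ip>" + IPV4 + r") port (?P<port>\d+)"
    ),
    "cron_session": re.compile(
        SYSLOG_PREFIX
        + r"CRON\[(?P<pid>\d+)\]: pam_unix\(cron:session\): session "
        + r"(?P<action>opened|closed) for user (?P<user>\S+)"
    ),
}

# Constructed sample log lines (not real data): a quiet baseline plus a burst
# of one message class, and one line no pattern knows about.
SAMPLE_LOG = [
    "Mar  4 10:00:01 web01 CRON[1001]: pam_unix(cron:session): session opened for user root",
    "Mar  4 10:00:01 web01 CRON[1001]: pam_unix(cron:session): session closed for user root",
    "Mar  4 10:00:05 web01 sshd[2001]: Accepted publickey for deploy from 10.0.0.5 port 51000 ssh2",
    "Mar  4 10:00:09 web01 sshd[2003]: Accepted publickey for deploy from 10.0.0.5 port 51002 ssh2",
] + [
    f"Mar  4 10:00:{12 + i:02d} web01 sshd[{2010 + i}]: Failed password for invalid user admin "
    f"from 203.0.113.7 port {40001 + i} ssh2"
    for i in range(8)
] + [
    "Mar  4 10:00:30 web01 kernel: [12345.678] eth0: link is up",
]


def parse_line(line):
    """Return (class_name, fields) for the first grok that matches, else (None, {})."""
    for name, pattern in GROK_PATTERNS.items():
        match = pattern.match(line)
        if match:
            return name, match.groupdict()
    return None, {}


def classify(lines):
    """Count how many lines fall into each class; unmatched lines go to '_unmatched'."""
    counts = Counter()
    for line in lines:
        name, _ = parse_line(line)
        counts[name or "_unmatched"] += 1
    return counts


def frequency_outliers(counts, z=1.0):
    """Classes whose count exceeds the mean class count by more than z population stdevs."""
    values = list(counts.values())
    if len(values) < 2:
        return []  # no baseline to compare against
    threshold = mean(values) + z * pstdev(values)
    return sorted(name for name, n in counts.items() if n > threshold)


if __name__ == "__main__":
    counts = classify(SAMPLE_LOG)
    for name, n in counts.most_common():
        print(f"{n:3d}  {name}")
    print("unusually frequent:", frequency_outliers(counts))
```

Running it classifies the constructed lines into four buckets and reports `sshd_failed_password` as the single unusually frequent class, while the unmatched kernel line stays visible as `_unmatched` so that gaps in pattern coverage are not silently dropped. A real deployment would compute the baseline over a sliding window of recent messages rather than over one batch.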
This talk will start with the
This talk will outline the motivation for developing the application, the algorithm used to automatically generate the groks that parse a set of log messages, and the overall architecture of the application.