Skip to content

caeops > logs

update-parsing-rule

Description

This command updates a parsing rule filter for the given logs source

Synopsis

  update-parsing-rule
--name [value]
--service-name [value]
--filter [value]

Options

--name (string)

Name of parsing rule

--service-name (string)

Name of the logs source to create this rule for

--filter (string)

The format of parsing to be applied by the rule to extract relevant information from the log message

Examples

The following logs update-parsing-rule example updates the parsing rule

caeops logs update-parsing-rule --name access-pattern --service-name dev-logs 
    --filter '{"pattern": "(?<ip>\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}) - - \[(?<date>\d{2}\\/\w{3}\\/\d{4}:\d{2}:\d{2}:\d{2} \+\d{4})\] \"(?<method>\b\w+\b) \\/(?<service>\b\w+\b?) (?<http>.*?)\" (?<code>\d{3}) (?<bytes>\d{3}) "-" \"(?<path>.*?)\" (?<count>\d{3}) (?<message>.*)","target": "parsed_log"}'

Output

Updated parsing Rule Details -> (Structure)

  • name -> (string) Name of the parsing rule created
  • serviceName -> (string) Name of the logs source that applies this rule
  • pluginName -> (string) Name of the plugin(logstash) used for parsing logs
  • rule -> (structure)
    • pattern -> (string) Filter pattern updated for this rule
    • target -> (string) Name of the target field, that should contain the parsed information
Back to top