2016-09-29 58 views
0

我試圖解析與豬這個ELB日誌,我能夠使用這個腳本豬腳本解析AWS ELB登錄

成功地解析它+++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++ 2016-07-16T00:00:41.700161Z testelb 11.11.17.2:50883 192.168.1.94:80 0.00002 0.001392 0.000019 200 200 0 43「GET http://test.example.com:80/bac?aid=b5cf542d74&cid=etrsewtp&bid=23c45c543&dte=Sat%20Jul%2016%202016%2008:00:41%20GMT+0800%20(HKT) HTTP/1.1」「Mozilla/5.0( iPhone;像Mac OS X的CPU iPhone OS 9_3_2)AppleWebKit/601.1.46(KHTML,如Gecko)Mobile/13F69「 - - +++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++ ++

*************************************************************** 
A = LOAD '/tmp/one.log' USING TextLoader AS (line:chararray); 

B = FOREACH A GENERATE FLATTEN (
    REGEX_EXTRACT_ALL(
      line,'^(\\S+) (\\S+) (\\S+) (\\S+) (\\S+) (\\S+) (\\S+) (\\S+) (\\S+) (\\S+) (\\S+) "(.+?)" "(.+?)" (\\S+) (\\S+)') 
    ) AS (
    timestamp:chararray, elb:int, client_port:chararray, backend_port:chararray, request_processing_time:float, backend_processing_time:float, response_processing_time:float, elb_status_code:int, backend_status_code:int, received_bytes:int, sent_bytes:int, request:chararray, user_agent:chararray, ssl_cipher:chararray, ssl_protocol:chararray 
); 

DUMP B; 

現在我想提取請求url,aid,bid,cid等,但無法匹配正則表達式。有人能幫我獲得這些細節嗎?

除了上面的正則表達式方法,如果有任何其他方法來獲得完整的ELB日誌細節,那麼我想知道。

注意:aid,bid和cid的位置在請求日誌中並不固定。

回答