使用REGEX创建Logz.io Alert(或日志字段上的自定义逻辑)
我正在尝试创建一个警报,该警报在其查询/过滤器参数
中 我有以下日志行,
[2022-05-01 00:00:00] [Thread-1] ERROR MyLoggerName - Iteration #0. [123456, 456789] - 2 missing data lines in iteration
[2022-05-01 00:01:00] [Thread-1] ERROR MyLoggerName - Iteration #1. [234567, 567890] - 951 missing data lines in iteration
根据以下 logz.io文档这就是我输入的内容在搜索栏中:
message:/(.*) (\d{1,19}) missing data lines in iteration/
没有结果。如果我搜索
message:"missing data lines in iteration"
我完全会收到上述日志线,所以我认为我的正则是有问题的,但是当我尝试在线Regex引擎时 - 我看到文本已经匹配了。 您可以通过正则拨号线以匹配日志线的正确方法/格式是什么?
该特定正则态度的原因是,我将“捕获”日志行的一部分(在此示例中,数字2和编号951),并根据这些值的某些逻辑在logz.io中创建一个警报。这可能吗?如果没有 - 我可以调整正则态度以匹配我想提高警报的数字。
I'm trying to create an alert that has regex in its query/filter parameters
I have the following log lines
[2022-05-01 00:00:00] [Thread-1] ERROR MyLoggerName - Iteration #0. [123456, 456789] - 2 missing data lines in iteration
[2022-05-01 00:01:00] [Thread-1] ERROR MyLoggerName - Iteration #1. [234567, 567890] - 951 missing data lines in iteration
According to the following logz.io documentation this is what i entered in the search bar:
message:/(.*) (\d{1,19}) missing data lines in iteration/
Which yielded no results. If i search for
message:"missing data lines in iteration"
I get exactly the above log lines so i thought that there was something wrong with my regex but when i tryed online regex engines - i saw that the text was matched.
What is the correct way/format you can pass a regex to match log lines?
The reason for this specific regex is that i would "capture" a part of a log line (in this example, the number 2 and the number 951) and create an alert in logz.io according to some logic on these values. Is this possible? If not - i can adjust the regex to match only numbers i would like to raise an alert on.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
要仅捕获
2和951您应该使第一个组不受欢迎,请参见 demo
To capture only
2and951you should make the first group non-capturablePlease see the demo