Not able to parse tomcat localhost access log via fluent bit using reg ex. Below is my incoming log:
127.0.0.1 - - [27/Aug/2024:00:01:48 +0000] "GET /TA HTTP/1.1" 302 - 0
Need output as below:
Remote hostname: 127.0.0.1
time log: 27/Aug/2024:00:01:48 +0000
request: GET /TA HTTP/1.1
statuscode: 302
bytessent: 0
pls let me know the ruby reg-ex to use in fluent-bit to parse the same?
log = "127.0.0.1 - - [27/Aug/2024:00:01:48 +0000] "GET /TA HTTP/1.1" 302 - 0"
regexp = /(^[^s]+)[s-]+[(.+ +d+)] "([^"]+)" (d+) - (d+)/
match = log.match(regexp)
ip = match[1]
time = match[2]
request = match[3]
status_code = match[4]
bytes_sent = match[5]
0
Tried in another way also with regex, if anyone requires
/^(?<host>[^ ]*) [^ ]* (?<user>[^ ]*) [(?<log_time>[^]]*)] "(?<requestmethod>S+)(?: +(?<urlpath>[^"]*?)(?: +S*)?)?" (?<statuscode>[^ ]*) (?<bytessent>[^ ]*)(?: "(?<referer>[^"]*)" "(?<agent>[^"]*)")?/