diff --git a/src/formats/java_log.json b/src/formats/java_log.json index 0d6297ac..d9c036a6 100644 --- a/src/formats/java_log.json +++ b/src/formats/java_log.json @@ -12,40 +12,53 @@ "pattern": "^(?\\w+)\\s+\\|\\s+jvm (?\\d+)\\s+\\|\\s(?\\d{4}/\\d{2}/\\d{2} \\d{2}:\\d{2}:\\d{2})\\s+\\| JVMDUMP\\w+\\s(?.*)$" }, "tasko": { - "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+\\[(?[\\w\\-\\.]+)\\]\\s+(?ERROR|WARN|INFO|DEBUG)\\s+(?[\\w.]+)\\s+(-\\s+)?(?.*)$" + "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}(?:Z|[-+]\\d{2}:?\\d{2})?)\\s+\\[(?[\\w\\-\\.]+)\\]\\s+(?ERROR|WARN|INFO|DEBUG|TRACE)\\s+(?[\\w.]+)\\s+(-\\s+)?(?.*)$" }, "prefix-brackets": { - "pattern": "^\\[(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+(?[\\w\\-\\.]+)\\s+(?ERROR|WARN|INFO|DEBUG)\\s+(?[\\w.]+)(?:\\s+opId=(?[^\\]]*))?\\]\\s*(-\\s+)?(?.*)$" + "pattern": "^\\[(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}(?:Z|[-+]\\d{2}:?\\d{2})?)\\s+(?[\\w\\-\\.]+)\\s+(?ERROR|WARN|INFO|DEBUG|TRACE)\\s+(?[\\w.]+)(?:\\s+opId=(?[^\\]]*))?\\]\\s*(-\\s+)?(?.*)$" }, "in-brackets": { - "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+\\[(?[\\w\\-\\.]+)(?:\\s+(?:\\[\\]|null))?\\s+(?ERROR|WARN|INFO|DEBUG)\\s+(?[\\w.]+)(?:\\s+opId=(?[^\\]]*))?\\]\\s*(-\\s+)?(?.*)$" + "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}(?:Z|[-+]\\d{2}:?\\d{2})?)\\s+\\[(?[\\w\\-\\.]+)(?:\\s+(?:\\[\\]|null))?\\s+(?ERROR|WARN|INFO|DEBUG|TRACE)\\s+(?[\\w.]+)(?:\\s+opId=(?[^\\]]*))?\\]\\s*(-\\s+)?(?.*)$" }, "nobrackets": { - "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+(?[\\w\\-\\.]+)\\s+(?ERROR|WARN|INFO|DEBUG)\\s+(?[\\w.]+)\\s+(-\\s+)?(?.*)$" + "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}(?:Z|[-+]\\d{2}:?\\d{2})?)\\s+(?[\\w\\-\\.]+) (?:operationID=(?\\S+))?\\s+(?ERROR|WARN|INFO|DEBUG|TRACE)\\s+(?[\\w.]+)\\s+(-\\s+)?(?.*)$" }, "vmw1": { - "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s*\\|\\s*(?ERROR|WARN|INFO|DEBUG)\\s*\\|\\s*(?[^\\|]+)\\s*\\|\\s*(?[^\\|]+)\\s*\\|\\s*(?\\d+)\\s*\\|\\s*(?.*)$" + "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}(?:Z|[-+]\\d{2}:?\\d{2})?)\\s*\\|\\s*(?ERROR|WARN|INFO|DEBUG|TRACE)\\s*\\|\\s*(?[^\\|]+)\\s*\\|\\s*(?[^\\|]+)\\s*\\|\\s*(?\\d+)\\s*\\|\\s*(?.*)$" }, "vmw2": { - "pattern": "^\\[(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\]\\s*(?ERROR|WARN|INFO|DEBUG)\\s*\\d+\\[(?[^\\]]+)\\]\\s+-\\s+(?[^\\(]+)\\.(?\\w+)\\((?[^:]+):(?\\d+)\\)\\s+-\\s+(?.*)$" + "pattern": "^\\[(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}(?:Z|[-+]\\d{2}:?\\d{2})?)\\]\\s*(?ERROR|WARN|INFO|DEBUG|TRACE)\\s*\\d+\\[(?[^\\]]+)\\]\\s+-\\s+(?[^\\(]+)\\.(?\\w+)\\((?[^:]+):(?\\d+)\\)\\s+-\\s+(?.*)$" }, "vmw3": { - "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s*\\|\\s*(?ERROR|WARN|INFO|DEBUG)\\s*\\|\\s*(?[^\\|]+)\\s*\\|\\s*(?[^\\|]+)\\s*\\|\\s+(?!\\d+\\s*\\|)(?.*)$" + "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}(?:Z|[-+]\\d{2}:?\\d{2})?)\\s*\\|\\s*(?ERROR|WARN|INFO|DEBUG|TRACE)\\s*\\|\\s*(?[^\\|]+)\\s*\\|\\s*(?[a-zA-Z_\\.][^\\|]+)\\s*\\|\\s+(?!\\d+\\s*\\|)(?.*)$" }, "vmw-sso": { - "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+(?ERROR|WARN|INFO|DEBUG)\\s+[\\w\\-]+\\[\\d+:(?[^\\]]+)\\]\\s+\\[CorId=(?[^\\s\\]]*)(?:\\s+OpId=(?[^\\]]*))?\\]\\s+\\[(?[^\\]]+)\\]\\s+(?.*)$" + "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}(?:Z|[-+]\\d{2}:?\\d{2})?)\\s+(?ERROR|WARN|INFO|DEBUG|TRACE)\\s+[\\w\\-]+\\[\\d+:(?[^\\]]+)\\]\\s+\\[CorId=(?[^\\s\\]]*)(?:\\s+OpId=(?[^\\]]*))?\\]\\s+\\[(?[^\\]]+)\\]\\s+(?.*)$" }, "vmw-sps": { - "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+\\[(?[^\\]]+)\\]\\s+(?ERROR|WARN|INFO|DEBUG)\\s+opId=(?\\S*)\\s+(?\\S+)\\s+-\\s+(?.*)$" + "pattern": "^(?\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}(?:Z|[-+]\\d{2}:?\\d{2})?)\\s+\\[(?[^\\]]+)\\]\\s+(?ERROR|WARN|INFO|DEBUG|TRACE)\\s+opId=(?\\S*)\\s+(?\\S+)\\s+-\\s+(?.*)$" } }, "level-field": "level", "opid-field": "opid", + "opid": { + "description": { + "license": { + "format": [ + { + "field": "body", + "extractor": "Invoking (.+)" + } + ] + } + } + }, "level": { "error": "ERROR", "warning": "WARN", "debug": "DEBUG", - "info": "INFO" + "info": "INFO", + "trace": "TRACE" }, "value": { "function": { @@ -141,6 +154,12 @@ }, { "line": "2022-06-01T13:42:32.742Z INFO sts-default[23:localhost-startStop-1] [CorId= OpId=] [com.vmware.identity.idm.server.provider.PooledLdapConnectionFactory] New connection created in pool PooledLdapConnectionIdentity [tenantName=null, username=vc.vlcm.com@vsphere.local, authType=SRP, useGCPort=false, connectionString=ldap://vc.vlcm.com:389]" + }, + { + "line": "2023-07-18T20:10:41.345-0700 | DEBUG | opId-229b032d-ed17-4675-b01d-4868ea35d1b9 | cls-background-executor-4 | SessionManagerImpl | Invalidated 0 expired sessions." + }, + { + "line": "2023-07-19T03:05:51.879Z invocation-vmomi-executor-1 operationID=4e543097-1a DEBUG vim.vmomi.server.impl.InvocationTask Invoking com.vmware.vim.binding.vim.LicenseManager.getEvaluation" } ] } diff --git a/src/log_format_impls.cc b/src/log_format_impls.cc index ca6d30e1..92612726 100644 --- a/src/log_format_impls.cc +++ b/src/log_format_impls.cc @@ -52,7 +52,7 @@ class generic_log_format : public log_format { pcre_format( "^(?:\\*\\*\\*\\s+)?(?@[0-9a-zA-Z]{16,24})(.*)"), pcre_format( - R"(^(?:\*\*\*\s+)?(?(?:\s|\d{4}[\-\/]\d{2}[\-\/]\d{2}|T|\d{1,2}:\d{2}(?::\d{2}(?:[\.,]\d{3,6})?)?|Z|[+\-]\d{2}:?\d{2}|[A-Z]{3,4})+)(?:\s+|:)([^:]+))"), + R"(^(?:\*\*\*\s+)?(?(?:\s|\d{4}[\-\/]\d{2}[\-\/]\d{2}|T|\d{1,2}:\d{2}(?::\d{2}(?:[\.,]\d{1,6})?)?|Z|[+\-]\d{2}:?\d{2}|(?!ERR|INFO|WARN)[A-Z]{3,4})+)(?:\s+|:)([^:]+))"), pcre_format( "^(?:\\*\\*\\*\\s+)?(?[\\w:+/\\.-]+) \\[\\w (.*)"), pcre_format("^(?:\\*\\*\\*\\s+)?(?[\\w:,/\\.-]+) (.*)"), diff --git a/src/time_formats.am b/src/time_formats.am index 230dac4b..780c9d5c 100644 --- a/src/time_formats.am +++ b/src/time_formats.am @@ -21,13 +21,14 @@ TIME_FORMATS = \ "%y-%m-%dT%H:%M:%S.%f%z" \ "%Y-%m-%dT%H:%M:%S.%L%z" \ "%y-%m-%dT%H:%M:%S.%L%z" \ - "%Y-%m-%dT%H:%M:%SZ" \ "%Y-%m-%dT%H:%M:%S%z" \ "%Y-%m-%dT%H:%M:%S" \ "%Y-%m-%dT%H:%M:%S%z" \ "%Y-%m-%dT%H:%M" \ "%Y/%m/%d %H:%M:%S %z" \ "%Y/%m/%d %H:%M:%S%z" \ + "%Y/%m/%d %H:%M:%S.%f" \ + "%Y/%m/%d %H:%M:%S.%L" \ "%Y/%m/%d %H:%M:%S" \ "%Y/%m/%d %H:%M" \ "%Y %b %d %a %H:%M:%S.%L" \