grogg
A small command line tool for testing grok patterns on file contents.
It uses the vjeantet/grok library for parsing and pterm for some extra gloss.
Usage
Available parameters are:
  -custom-file string
        File containing custom Grok patterns
  -failures
        Show only failures
  -input string
        Input file
  -line-length int
        Set max line length buffer in bytes (default 4096)
  -multiline string
        Multiline pattern
  -pattern string
        Grok pattern to match
  -prompt
        Prompt after each line
  -silent
        Silent mode (summary at the end of execution)
  -verbose
        Verbose mode
Examples
Show only lines that didn't return any matches:
grogg -input=access.log -pattern='%{COMMONAPACHELOG}' -failures -prompt
Add additional patterns from file and match multiline events where every new event starts with "###":
grogg -input=file.log -pattern='%{CUSTOMLOGFILE}' -custom-file=grok-patterns.txt -multiline='###'
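To show what a check like the second command involves, here is an added Go example (standard library only; it is not grogg's or vjeantet/grok's code) that expands a `%{CUSTOMLOGFILE}` reference into a named-group regex and reports which `###`-delimited events fail to match. The pattern definitions, the function names and the event-splitting rule are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Constructed definitions, standing in for the contents of a custom pattern file.
var defs = map[string]string{
	"WORD": `\w+`, "INT": `\d+`,
	"CUSTOMLOGFILE": `### %{WORD:level} %{INT:code}\n%{WORD:detail}`,
}
var ref = regexp.MustCompile(`%\{(\w+)(?::(\w+))?\}`) // %{NAME} or %{NAME:field}

// compile expands references pass by pass; the pass limit makes a self-referencing definition an error.
func compile(pattern string) (*regexp.Regexp, error) {
	for i := 0; i < 10 && ref.MatchString(pattern); i++ {
		pattern = ref.ReplaceAllStringFunc(pattern, func(m string) string {
			g := ref.FindStringSubmatch(m)
			body, ok := defs[g[1]]
			if !ok {
				return m // unknown name: left in place and reported below
			}
			if g[2] != "" {
				return "(?P<" + g[2] + ">" + body + ")"
			}
			return "(?:" + body + ")"
		})
	}
	if m := ref.FindString(pattern); m != "" {
		return nil, fmt.Errorf("unresolved or recursive reference %s", m)
	}
	return regexp.Compile(pattern)
}

// failures returns the marker-delimited events re does not match; text before the first marker is ignored.
func failures(re *regexp.Regexp, input, marker string) []string {
	var failed []string
	body := "\n" + strings.TrimRight(input, "\n")
	for _, e := range strings.Split(body, "\n"+marker)[1:] {
		if !re.MatchString(marker + e) {
			failed = append(failed, marker+e)
		}
	}
	return failed
}

func main() { fmt.Println(compile("%{CUSTOMLOGFILE}")) }
```

Unmatched events are the ones worth reading first when validating a pattern for log ingestion, since they are the lines a parser would pass through unparsed.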