Meticulously Planned
Monday, March 5, 2007
Log parsing foo
I had the need to parse some logs for data-archival and whatnot, so I thought I would share it with those who come across this.
This will not match to all syslog entries of course, since everyone likes to store in their favorite format. However, it does match what I'm working with, so I have provided a sample below.
Happy log parsing!
/^([a-zA-Z]+)\s+(\d+)\s(\d+):(\d+):(\d+)\s
([a-zA-Z0-9\.]+)\s([a-zA-Z0-9\.-\[\]]+):(.*)$/
This will not match to all syslog entries of course, since everyone likes to store in their favorite format. However, it does match what I'm working with, so I have provided a sample below.
Mar 5 11:11:21 10.0.0.1 dhcpd: DHCPDISCOVER from 00:55:13:89:11:3a via eth0: network 10.0.0/24: no free leases
Happy log parsing!
posted by Christian Hergert # 11:36 AM 
