Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added Dissect Processor Functionality #3090

Closed
wants to merge 2 commits into from
Closed

Added Dissect Processor Functionality #3090

wants to merge 2 commits into from

Conversation

vishalboin
Copy link
Contributor

Description

Implemented Dissect processor functionality.

Design overview:

For each pattern in map -

  1. Breakdown the pattern into 2 groups:
    • List of fields
    • List of delimiters
  2. Assign the properties of prefix and suffix notations.

(Used regex for above 2 steps. These are executed only once to process the dissect pattern, before processing the logs)

  1. For an incoming log, check if the dissect_when expression satisfies

For each mapped field's value if present -

  1. Split the string with the help of delimiters and assign the the text beween the delimiters to the fields.
  2. Perform the operations on the fields, with the help of the suffix and prefix properties.
  3. Convert the field types based on the target_types map provided in the config.
  4. Populate the output Json with the fields and their assigned values

Issues Resolved

[None]

Check List

  • New functionality includes testing.
  • New functionality has been documented.
  • New functionality has javadoc added
  • Commits are signed with a real name per the DCO

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@vishalboin
Added Dissect Processor Functionality
b8b9c74 
Signed-off-by: Vishal Boinapalli <[email protected]>
@vishalboin
Fixed checkstyle issue
fface34 
Signed-off-by: Vishal Boinapalli <[email protected]>
@oeyh oeyh mentioned this pull request Sep 19, 2023
Merged
4 tasks
@oeyh
Copy link
Collaborator

oeyh commented Sep 26, 2023

Closing in favor of #3363

@oeyh oeyh closed this Sep 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sb2k16 sb2k16 Awaiting requested review from sb2k16 sb2k16 will be requested when the pull request is marked ready for review sb2k16 is a code owner

@chenqi0805 chenqi0805 Awaiting requested review from chenqi0805 chenqi0805 will be requested when the pull request is marked ready for review chenqi0805 is a code owner

@engechas engechas Awaiting requested review from engechas engechas will be requested when the pull request is marked ready for review engechas is a code owner

@graytaylor0 graytaylor0 Awaiting requested review from graytaylor0 graytaylor0 will be requested when the pull request is marked ready for review graytaylor0 is a code owner

@dinujoh dinujoh Awaiting requested review from dinujoh dinujoh will be requested when the pull request is marked ready for review dinujoh is a code owner

@kkondaka kkondaka Awaiting requested review from kkondaka kkondaka will be requested when the pull request is marked ready for review kkondaka is a code owner

@KarstenSchnitter KarstenSchnitter Awaiting requested review from KarstenSchnitter KarstenSchnitter will be requested when the pull request is marked ready for review KarstenSchnitter is a code owner

@dlvenable dlvenable Awaiting requested review from dlvenable dlvenable will be requested when the pull request is marked ready for review dlvenable is a code owner

@oeyh oeyh Awaiting requested review from oeyh oeyh will be requested when the pull request is marked ready for review oeyh is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@vishalboin @oeyh