这是我的示例网址
http://localhost:8080/abc2/query/errorLogs
尝试仅提取query/errorLogs。为此,我尝试在GROK Patten以下
(%{URIPROTO}://%{URIHOST}(?<path>/[^/]+/[^/]+/[^/]+))
我得到以下输出
{
"URIPROTO": [
[
"http"
]
],
"URIHOST": [
[
"localhost:8080"
]
],
"IPORHOST": [
[
"localhost"
]
],
"HOSTNAME": [
[
"localhost"
]
],
"IP": [
[
null
]
],
"IPV6": [
[
null
]
],
"IPV4": [
[
null
]
],
"port": [
[
"8080"
]
],
"path": [
[
"/abc2/query/errorLogs"
]
]
}
但是我期望路径应该是“ / query / errorLogs”。
答案 0 :(得分:1)
尝试:
(%{URIPROTO}://%{URIHOST}(?<first_path>/[^/]+)%{GREEDYDATA:path})
结果:
port 8080
first_path /abc2
path /query/errorLogs