开发者

Parse a log4j log file

开发者 https://www.devze.com 2022-12-21 07:00 出处:网络
We have several applications that use log4j for logging. I need to get a log4j parser working so we can combine multiple log files and run automated analysis on them. I\'m not looking to reinvent the

We have several applications that use log4j for logging. I need to get a log4j parser working so we can combine multiple log files and run automated analysis on them. I'm not looking to reinvent the wheel, so can someone point me to a d开发者_开发知识库ecent pre-existing parser? I do have the log4j conversion pattern if that helps.

If not, I'll have to roll our own.


I didn't realize that Log4J ships with an XML appender.

Solution was: specify an XML appender in the logging configuration file, include that output XML file as an entity into a well formed XML file, then parse the XML using your favorite technique.

The other methods had the following limitations:

  • Apache Chainsaw - not automated enough
  • jdbc - poor performance in a high performance distributed app


You can use OtrosLogViewer with batch processing. You have to:

  1. Define you log format, you can use Log4j pattern layout parser or Log4j XmlLayout
  2. Create java class that implements LogDataParsedListener. Method public void logDataParsed(LogData data, BatchProcessingContext context) will be called on every parsed log event.
  3. Create jar
  4. Run OtrosLogViewer with specifying your log processing jar, LogDataParsedListener implementation and log files.


What you are looking for is called SawMill, or something like it.


Log4j log files aren't really suitable for parsing, they're too complex and unstructured. There are third party tools that can do it, I believe (e.g. Sawmill).

If you need to perform automated, custom analysis of the logs, you should consider logging to a database, and analysing that. JDBC ships with the JdbcAppender which appends all messages to a database of your choice, but it has performance implications, and it's a bit flaky. There are other, similar, alternatives on the interweb, though (like this one).


You -can- use Log4j's Chainsaw V2 to process the various log files and collect them into one table, and either output those events as xml or use Chainsaw's built-in expression-based filtering, searching & colorizing support to slice & dice the logs.

Steps: - Start Chainsaw V2 - Create a chainsaw configuration file by copying the example configuration file available from the Welcome tab - define one LogFilePatternReceiver 'plugin' entry for each log file that you want to process - Start Chainsaw with that configuration - Each log file will end up as a separate tab in the UI - Pause the chainsaw-log tab and clear the events from that tab - Create a new tab which aggregates the events from the various tabs by going to the 'view, crate custom expression logpanel' menu item and enter 'level >= DEBUG' in the box. It will create a new tab containing events from all of the tabs with level >= debug (which is why you cleared the chainsaw-log tab).

You can get an overview of the expression syntax used to filter, colorize and search from the tutorial (available from the Help menu).

If you don't want to use Chainsaw, you can do something similar - start a simple app that doesn't log but loads a log4j.xml config file with the 'plugin' entries you defined for the Chainsaw configuration, but also define a FileAppender with an xmllayout - all of the events received by the 'receivers' will be sent to the single appender.

0

精彩评论

暂无评论...
验证码 换一张
取 消