Error while "Grok compile"
Description
Attachments
Gliffy Diagrams
Activity
Suyog Rao February 7, 2015 at 12:48 AM
Issue is from using ?s in regexp
Philippe Weber May 13, 2014 at 9:41 AMEdited
What I meant is that the (?s) flag is not available in used regular expression ruby library, so you cannot use it, and it seems the cause of your error (I did a very small test on http://grokdebug.herokuapp.com/ )
And from the doc ?m in RUBY is equivalent to ?s "dot(.) match newline", do not ask me why
A-1. Syntax depend options
+ ONIG_SYNTAX_RUBY
(?m): dot(.) match newline+ ONIG_SYNTAX_PERL and ONIG_SYNTAX_JAVA
(?s): dot(.) match newline
(?m): ^ match after newline, $ match before newline
DenisVPN May 13, 2014 at 9:12 AMEdited
Philippe Weber:
thank you but it does not work correctly for my task. that is the reason of changing to (?s\:) option
Philippe Weber May 13, 2014 at 8:43 AMEdited
I suppose you should use (?m) instead of (?s) to match the multiline remainder, it is the only allowed flag in ONIG_SYNTAX_RUBY as mentioned in http://www.geocities.jp/kosako3/oniguruma/doc/RE.txt
Got exception after trying start logstash
Command to start:
java -Xmx256m -jar logstash-1.3.3-flatjar.jar agent -f sender.conf --verbose > 1.txt &
---------------------
Linux version:
uname -a
Linux 2.6.18-371.el5 #1 SMP Thu Sep 5 21:21:44 EDT 2013 x86_64 x86_64 x86_64 GNU/Linux (Ubuntu)
-----------------------
Java :
java -version
java version "1.7.0_25"
OpenJDK Runtime Environment (rhel-2.3.10.5.el5_9-x86_64)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)
-----------------------
Error in 1.txt.
Config file :sender.conf