Parsing data from multiple lines

shivabharat · December 12, 2018, 10:07am

Hi All,

I have a log file which has a big chunk of log like below. Using the GREEDYDATA pattern I am able to parse only till

00000000-00000000 6260 0C100005 CnHttpRequest.cpp:5268 Sending Header

I am looking to grab the entire text till the end. I am not sure how this can be accomplished. Appreciate any help on this.

2016-09-26T19:52:38.595 Trc 60022 INFO 00000000-00000000 6260 0C100005 CnHttpRequest.cpp:5268 Sending Header
[GET /Postpaid/network_sms.asp HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; Telera _ND_C 8.1.410.36)
Accept: /
Host: localhost
Cookie: $Version=0; ASPSESSIONIDSARBBASQ=EBBAMFHACKOPKKKCCINLLHEG; $Path=/
X-GEN-Session-ID: 380EA899-F926-4A6A-F2A6-C81983EB358D
]

Eniqmatic · December 12, 2018, 10:11am

So are you looking to capture multiple lines into one event?

shivabharat · December 12, 2018, 10:19am

Yes, I want to capture data under single event.

Eniqmatic · December 12, 2018, 10:24am

Use the multiline codec:

You will need a clear end indicator

shivabharat · December 12, 2018, 12:01pm

Great that helped a lot. Another quick question can we have multiple pattern to determine multi line?

system · January 9, 2019, 12:01pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.