Module Values.GrokSource

This processor uses pattern matching to parse and structure unstructured data. This processor can also extract fields from log messages. For more information about this processor including examples, see grok in the CloudWatch Logs User Guide.

Sourcetype nonrec t = {
  1. source : Source.t option;
    (*

    The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.

    *)
  2. match_ : GrokMatch.t;
    (*

    The grok pattern to match against the log event. For a list of supported grok patterns, see Supported grok patterns.

    *)
}
Sourceval context_ : string
Sourceval make : ?source:??? -> match_:GrokMatch.t -> unit -> t
Sourceval to_value : t -> [> `Structure of (string * [> `String of Source.t ]) list ]
Sourceval to_query : t -> Awso.Client.Query.t
Sourceval of_xml : Awso.Xml.t -> t
Sourceval of_string : string -> t
Sourceval of_json : Yojson.Safe.t -> t
Sourceval to_json : t -> Yojson.Safe.t