Kibana -> Dev Tools -> Grok Debugger
Sample Data
2020-11-27 11:27:36.168 [appblog-mall-api-gateway][ WARN ] [123188] [nio-8081-exec-6] [9bd918cc09b82f16] [9bd918cc09b82f16] [true] --- [cn.appblog.mall.gateway.api.filter.SignaturePreFilter] [needCheckSign] [150] : merchant signature ignore! merchantId=2020102600188001Grok Pattern
%{TIME_STAMP_A:logtime}\s+\[\s*%{APP_NAME:appname}\s*\]\[\s*%{LOG_LVL:loglvl}\s*\]\s+\[\s*%{PROCESS_ID:pid}\s*\]\s+\[\s*%{PROCESS_NAME:pname}\s*\]\s+\[\s*%{TRACE_ID:traceid}\s*\]\s+\[\s*%{SPAN_ID:spanid}\s*\]\s+\[\s*%{SPAN_EXPORTABLE}\s*\]\s+---\s+\[\s*%{CLASS_PATH:classpath}\s*\]\s+\[\s*%{METHOD_NAME:methodname}\s*\]\s+\[\s*%{CODE_LINE:codeline}\s*\]\s+:\s+%{CONTENT}Custom Patterns
TIME_STAMP_A \d{4}-\d{2}-\d{2}\s\d{2}:\d{2}:\d{2}.\d{3}
TIME_STAMP_T \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{3}Z
TIME_STAMP_P \d{4}-\d{2}-\d{2}\s\d{2}:\d{2}:\d{2}
TIME_STAMP_S \d{4}-\d{2}-\d{2}\s\d{2}:\d{2}:\d{2},\d{3}
HOST_NAME_PATTERN [a-zA-Z0-9._-]+
APP_NAME [a-zA-Z0-9._-]+
LOG_LVL [a-zA-Z0-9._-]+
CORRELATION_ID [0-9a-f-]{36}
CIP ((?:(?:25[0-5]|2[0-4]\d|((1\d{2})|([1-9]?\d)))\.){3}(?:25[0-5]|2[0-4]\d|((1\d{2})|([1-9]?\d))))
ID_PATTERN [0-9a-f\-]{36}
RPC_ID_PATTERN [0-9\.]+
APP_OR_METHOD [/a-zA-Z0-9._-]+
TRACE_ID [0-9a-f]*
SPAN_ID [0-9a-f]*
PROCESS_ID \d{3,6}
PROCESS_NAME [a-zA-Z0-9._-]+
SPAN_EXPORTABLE [a-z]{0,5}
CLASS_PATH [a-zA-Z0-9._]+
METHOD_NAME [a-zA-Z0-9_$]+
CODE_LINE \d{1,5}
CONTENT [\s\S]*$Simulate
Structured Data
{
"traceid": "9bd918cc09b82f16",
"classpath": "cn.appblog.mall.gateway.api.filter.SignaturePreFilter",
"loglvl": "WARN",
"pname": "nio-8081-exec-6",
"pid": "123188",
"codeline": "150",
"spanid": "9bd918cc09b82f16",
"appname": "appblog-mall-api-gateway",
"logtime": "2020-11-27 11:27:36.168",
"methodname": "needCheckSign"
}
