0

Could anybody tell me please, what's up with log4cxx analysis tools ?

My goal is to parse log4cxx log file, for instance, by defining start message of the function and the end message of the function.

Then I need to get timings by different sub operations inside it separately.

Is there any way to do this without of writing bunch of code ?

If you know how to get Splunk to work with this stuff, please, your information will be very useful.

P.S.

I dont need to parse apache files, I dont need to connect by the ethernet to get logging. I just need to parse local log4cxx file on my hard drive.

Thank you very much for your time.

The log looks like this:

DEBUG 2012-06-01 16:52:02,879 [0x00001d50] xxx_xx_xxxxxxxxxxxx.XXxXxxxx:489 CURRENT_STATE - Query executed.
DEBUG 2012-06-01 16:52:02,879 [0x00001d50] xxx_xx_xxxxxxxxxxxx.XXxXxxxx:633 CURRENT_STATE - Start
TRACE 2012-06-01 16:52:02,879 [0x00001d50] xxx_xx_xxxxxxxxxxxx.XXxXxxxx:138 CURRENT_STATE - next #0 XXXXXX double value: 1
TRACE 2012-06-01 16:52:02,879 [0x00001d50] xxx_xx_xxxxxxxxxxxx.XXxXxxxx:138 CURRENT_STATE - next #1 XXXXXX double value: 1
TRACE 2012-06-01 16:52:02,879 [0x00001d50] xxx_xx_xxxxxxxxxxxx.XXxXxxxx:138 CURRENT_STATE - next #2 XXXXXX double value: 1
4

1 回答 1

1

Splunk 已经识别 log4j 格式的日志文件 - log4cxx 输出格式是否不同?尝试使用 sourcetype=log4j 看看会发生什么...

如果它不起作用,您能否发布日志文件的示例,以便我了解它的不同之处?

谢谢

于 2012-03-22T19:37:36.110 回答