0

I am trying to parse a log file, and I want to extract parameters from the lines entered. Here is an example, for the line:

"Apr  8 07:13:10 kali gnome-screensaver-dialog: gkr-pam: unlocked login keyring"

The program gives me:

Date&Time: Apr 11 00:06:30
Hostname: kali
Program Name: gnome-screensaver-dialog
Log: gkr-pam: unlocked login keyring

But for the line: 

"Apr  8 07:13:45 kali gnome-screensaver-dialog: pam_unix(gnome-screensaver:auth): authentication failure; logname= uid=0 euid=0 tty=:0.0 ruser= rhost=  user=root"

I have an error from java. The error is "Regular Expression not matching", from my code, which indicates that my reges is bogus. Basically, I want to extract the Date&Time, Hostname, Program Name, and Log Message The problem is at extracting the Program Name, it is the first thing before the first colon, for example for the line above it should give me:

   Date&Time: Apr  8 07:13:45
    Hostname: kali
    Program Name: gnome-screensaver-dialog
    Log: pam_unix(gnome-screensaver:auth): authentication failure; logname= uid=0 euid=0 tty=:0.0 ruser= rhost=  user=root

Here is my partial java code:

private class FileTailerListenerAdapter extends TailerListenerAdapter {
        @Override
        public void handle(String line) {
            String logEntryPattern = "([\\w]+\\s[\\d]+\\s[\\d:]+) ([\\w]+) ([\\[\\]\\(\\)a-zA-Z0-9\\-]+)[?:] (.+)";
            Pattern p = Pattern.compile(logEntryPattern);
            Matcher matcher = p.matcher(line);

            if (!matcher.matches()) {
                System.err.println("Regular Expression not matching:");
                System.err.println(line);
                return;
            }
            System.out.println("Total groups: " + matcher.groupCount());
            System.out.println("Date&Time: " + matcher.group(1));
            System.out.println("Hostname: " + matcher.group(2));
            System.out.println("Program Name: " + matcher.group(3));
            System.out.println("Log: " + matcher.group(4));
            System.out.println();
            System.out.println();
        }
    }

Any help would be greatly appreciated!

Improve this question
4
  • What is your error from java? Commented Apr 14, 2014 at 9:24
  • You could clear up your regex a lot. In character classes in particular, there is no need to escape parens, and even the dash since it is at the end. Also, there are a lot of unneeded character classes sprinkled around where an atom/character set would have done the job. Commented Apr 14, 2014 at 9:39
  • 1
    Working for both cases for me: "(\\w+\\s+\\d+\\s+[\\d:]+)\\s+(\\w+)\\s+([^:]+):\\s+(.*)", [^:]+ matches all the things not a : Commented Apr 14, 2014 at 9:53
  • is your subjectstring multi or single line ? your question isn't clear about it. Commented Apr 14, 2014 at 9:54

1 Answer 1

Reset to default
2

It seems like hostname and program name cannot contain spaces - knowing that you can simplify your regexp a lot: separate hostname, program name and log message using whitespace characters - and everything will work:

final String logEntryPattern = "(\\w+\\s+\\d+\\s+\\d{2}:\\d{2}:\\d{2})\\s+(\\S+)\\s+(\\S+):\\s+(.+)";
final Pattern p = Pattern.compile(logEntryPattern);
final Matcher matcher = p.matcher(line);

if (!matcher.matches()) {
    System.err.println("Regular Expression not matching:");
    System.err.println(line);
    return;
}
System.out.println("Total groups: " + matcher.groupCount());
System.out.println("Date&Time: " + matcher.group(1));
System.out.println("Hostname: " + matcher.group(2));
System.out.println("Program Name: " + matcher.group(3));
System.out.println("Log: " + matcher.group(4));
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.