Laman ini saat ini hanya mendukung bahasa inggris, bahasa yang telah anda telusuri sedang dipersiapkan.
关闭
Cloud Log Service
- Release Notes and Announcements
- Announcements
- Product Introduction
- Limits
- Log Collection
- Purchase Guide
- Pay-as-You-Go
- Getting Started
- Operation Guide
- Resource Management
- Permission Management
- Log Collection
- Collection by LogListener
- LogListener Installation and Deployment
- Collecting Text Log
- Collecting Logs in Self-Built Kubernetes Cluster
- Importing Data
- Metric Collection
- Log Storage
- Search and Analysis (Log Topic)
- Statistical Analysis (SQL)
- SQL Syntax
- SQL Functions
- Search and Analysis (Metric Topic)
- Dashboard
- Creating Statistical Charts
- Data Processing documents
- Data Processing
- Data Processing Functions
- Scheduled SQL Analysis
- Shipping and Consumption
- Shipping to COS
- Shipping to CKafka
- Shipping to ES
- Log Shipping
- Consumption over Kafka
- Monitoring Alarm
- Managing Alarm Policies
- Channels to Receive Alarm Notifications
- Cloud Insight
- Historical Documentation
- Practical Tutorial
- Search and Analysis
- Monitoring Alarm
- Shipping and Consumption
- Developer Guide
- API Documentation
- Making API Requests
- Topic Management APIs
- Log Set Management APIs
- Topic Partition APIs
- Machine Group APIs
- Collection Configuration APIs
- Log APIs
- Metric APIs
- Alarm Policy APIs
- Data Processing APIs
- Kafka Protocol Consumption APIs
- CKafka Shipping Task APIs
- Kafka Data Subscription APIs
- COS Shipping Task APIs
- SCF Delivery Task APIs
- Scheduled SQL Analysis APIs
- COS Data Import Task APIs
- FAQs
- Health Check
- Collection
- Log Search
DokumentasiCloud Log ServiceOperation GuideData Processing documentsData ProcessingProcessing CasesLog Structuration-JSON
Log Structuration-JSON
Terakhir diperbarui:2024-12-18 16:37:58
Scenario description
Xiaowang collects logs in JSON format to CLS (Cloud Log Service, CLS) under the following two conditions:
1. The JSON is multi-layer nested. Xiaowang wants to extract the user and App fields, where user is a secondary nested field.
2. Xiaowang's JSON log is an array and needs to split multiple logs from the array.
Raw Log
[{"content": {"App": "App-1","start_time": "2021-10-14T02:15:08.221","resonsebody": {"method": "GET","user": "Tom"},"response_code_details": "3000","bytes_sent": 69}},{"content": {"App": "App-2","start_time": "2222-10-14T02:15:08.221","resonsebody": {"method": "POST","user": "Jerry"},"response_code_details": "2222","bytes_sent": 1}}]
{"timestamp": 1732099684144000,"topic": "log-containers","records": [{"category": "kube-request","log": "{\\"requestID\\":\\"12345\\",\\"stage\\":\\"Complete\\"}"},{"category": "db-request","log": "{\\"requestID\\":\\"67890\\",\\"stage\\":\\"Response\\"}"}]}
Processing result
[{"App":"App-1","user":"Tom"},{"App":"App-2","user":"Jerry"}]
[{"category":"kube-request","requestID":"12345","stage":"Complete","timestamp":"1732099684144000","topic":"log-containers"},{"category":"db-request","requestID":"67890","stage":"Response","timestamp":"1732099684144000","topic":"log-containers"}]
DSL Processing Function
//Use the ext_json function to extract structured data from JSON data, by default, it will flatten all fieldsext_json("content")//Discard the content fieldfields_drop("content")//Discard unnecessary fields bytes_sent,method,response_code_details,start_timefields_drop("bytes_sent","method","response_code_details","start_time")
//Split logs from the array, splitting into 2 logslog_split_jsonarray_jmes("records")//Discard the original field recordsfields_drop("records")//Expand the KV pairs of the logext_json("log")//Discard the original field logfields_drop("log")
Apakah halaman ini membantu?
Anda juga dapat Menghubungi Penjualan atau Mengirimkan Tiket untuk meminta bantuan.
Ya
Tidak