rs_log2sqlite_grok/
parse.rs1use grok::Grok;
2use grok::Pattern;
3
4pub fn pattern2timestamp_utf8_only(pat: &Pattern, line: &[u8], tsbuf: &mut String) -> Option<()> {
5 let ostr: Option<_> = std::str::from_utf8(line).ok();
6 let s: &str = ostr.unwrap_or_default();
7 let omat: Option<_> = pat.match_against(s);
8 let mat = omat?;
9 let mut imat = mat.iter();
10 let opair: Option<_> = imat.next();
11 let pair = opair?;
12 let (_, val) = pair;
13
14 tsbuf.push_str(val);
15 Some(())
16}
17
18pub const TIMESTAMP_NAME_DEFAULT: &str = "timestamp";
19pub const TIMESTAMP_PATTERN_DEFAULT: &str = "%{TIMESTAMP_ISO8601:timestamp}";
20
21pub fn add_pattern<S>(g: &mut Grok, name: S, pattern: S)
22where
23 S: Into<String>,
24{
25 g.add_pattern(name, pattern)
26}
27
28pub fn add_pattern_default_name(g: &mut Grok, pattern: &str) {
29 add_pattern(g, TIMESTAMP_NAME_DEFAULT, pattern)
30}
31
32pub fn add_pattern_default(g: &mut Grok) {
33 add_pattern_default_name(g, TIMESTAMP_PATTERN_DEFAULT)
34}