Expand description
drain3 — fast log template extraction via fixed-depth prefix trees.
Rust port of logpai/Drain3. Splits log lines into tokens,
clusters them by a prefix tree keyed on token count, and replaces
variable tokens with a param placeholder (<*> by default).
§Example
use drain3::Config;
let samples: Vec<String> = vec![
"connection from 10.0.0.1 timeout after 5000ms".into(),
"connection from 10.0.0.2 timeout after 3000ms".into(),
"connection from 10.0.0.3 timeout after 1000ms".into(),
];
let matcher = drain3::train(&samples, Config::default())?;
let (id, args, ok) = matcher.match_line("connection from 192.168.1.1 timeout after 42ms");
assert!(ok);
assert_eq!(args, vec!["192.168.1.1", "42ms"]);Structs§
- Config
- Controls training and matching behavior.
- Config
Builder - Fluent builder for
Config. - Matcher
- A trained DRAIN matcher. Holds the prefix tree, token dictionary, and precomputed indices for fast line matching.
- Render
Plan - Precomputed recipe for rendering a template with supplied parameter values.
- Template
- A trained log template.
Enums§
- Error
- All the ways training or template reconstruction can fail. Errors that can occur during training or template reconstruction.
Functions§
- matcher_
from_ templates - Rebuild a matcher from pre-existing templates.
- stride_
sample - Deterministically sample lines as fixed-size blocks at regular strides with random jitter inside each stride window.
- train
- Train a matcher with the provided config.
- train_
with_ config - Train a matcher with custom config.