update grok

anthonycorbacho · anthonycorbacho · commit 98ef5c382d66 · 2013-05-18T01:37:25.000+09:00
diff --git a/patterns/base b/patterns/base
@@ -54,7 +54,7 @@ URIPATH (?:/[A-Za-z0-9$.+!*'(),~:#%_-]*)+|(?:\?[A-Za-z0-9$.+!*'(),~#%&/=:;_-]*)
 URIPARAM \?[A-Za-z0-9$.+!*'(),~#%&/=:;_-]*
 URIPATHPARAM %{URIPATH}(?:%{URIPARAM})?
 #URI %{URIPROTO:proto}://(?:%{USER:sur}(?::[^@]*)?@)?(?:%{URIHOST:host})?(?:%{URIPATHPARAM:params})?
-URI %{URIPROTO:proto}://(?:%{USER:sur}(?::[^@]*)?@)?(?:%{URIHOST:host})?(?:%{DATAS:params})?
+URI %{URIPROTO:proto}://(?:%{USER:UNWANTED}(?::[^@]*)?@)?(?:%{URIHOST:host})?(?:%{DATAS:params})?
 
 ############
 # DATE
@@ -109,8 +109,12 @@ QS %{QUOTEDSTRING}
 # LOGFORMAT SAMPLE
 ############
 SYSLOGBASE %{SYSLOGTIMESTAMP:timestamp} (?:%{SYSLOGFACILITY} )?%{SYSLOGHOST:logsource} %{SYSLOGPROG}:
-APACHE %{IP} - - \[%{HTTPDATE:timestamp}\] %{QS:query} %{NUMBER:response} (?:%{NUMBER:bytes}|-) %{QS:Referer} %{QS:agent}
-#drwxr-xr-x+  46 anthonyC  staff       1564 Dec 27 12:02 .
+
+APACHE (?:%{APACHE_FULL}|%{APACHE_LIGHT})
+APACHE_2 %{IP} %{USER:hyphen} %{USER:user} \[%{HTTPDATE:timestamp}\] %{QUOTEDSTRING:query} %{NUMBER:response} (?:%{NUMBER:bytes}|-)(?: %{QUOTEDSTRING:Referer} %{QUOTEDSTRING:agent})?
+APACHE_FULL %{IP} %{USER:hyphen} %{USER:user} \[%{HTTPDATE:timestamp}\] %{QUOTEDSTRING:query} %{NUMBER:response} (?:%{NUMBER:bytes}|-) %{QUOTEDSTRING:Referer} %{QUOTEDSTRING:agent}
+APACHE_LIGHT %{IP} %{USER:hyphen} %{USER:user} \[%{HTTPDATE:timestamp}\] %{QUOTEDSTRING:query} %{NUMBER:response} (?:%{NUMBER:bytes}|-)
+
 DIRECTORYCONTNENT %{DATA:permission}%{SPACE:UNWANTED}%{INT:size}%{SPACE:UNWANTED}%{USER}%{SPACE:UNWANTED}%{USER:Group}%{SPACE:UNWANTED}%{INT:molla}%{SPACE:UNWANTED}%{MONTH}%{SPACE:UNWANTED}%{MONTHDAY}%{SPACE:UNWANTED}%{HOUR}:%{MINUTE}%{SPACE:UNWANTED}%{GREEDYDATA:fileorfolder}
 # Log Levels
 LOGLEVEL ([T|t]race|TRACE|[D|d]ebug|DEBUG|[N|n]otice|NOTICE|[I|i]nfo|INFO|[W|w]arn?(?:ing)?|WARN?(?:ING)?|[E|e]rr?(?:or)?|ERR?(?:OR)?|[C|c]rit?(?:ical)?|CRIT?(?:ICAL)?|[F|f]atal|FATAL|[S|s]evere|SEVERE)
diff --git a/pom.xml b/pom.xml
@@ -4,7 +4,7 @@
 
   <groupId>com.nflabs</groupId>
   <artifactId>Grok</artifactId>
-  <version>0.0.3-SNAPSHOT</version>
+  <version>0.0.3.1-SNAPSHOT</version>
   <packaging>jar</packaging>
   <name>Grok</name>
   <url>http://maven.apache.org</url>
diff --git a/src/main/java/com/nflabs/Grok/Match.java b/src/main/java/com/nflabs/Grok/Match.java
@@ -8,6 +8,7 @@
 
 import com.google.code.regexp.Matcher;
 import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
 import com.nflabs.Grok.Grok;
 
 public class Match {
@@ -123,7 +124,7 @@ public String toJson(){
 			return null;
 		
 		this.cleanMap();
-		Gson gs = new Gson();		
+		Gson gs = new GsonBuilder().setPrettyPrinting().create();;//new Gson();		
 		return gs.toJson(/*cleanMap(*/_capture/*)*/);
 		
 	}
diff --git a/src/test/java/com/nflabs/Grok/GrokTest.java b/src/test/java/com/nflabs/Grok/GrokTest.java
@@ -28,8 +28,8 @@ public void testGrok() throws Throwable{
 		Match gm = g.match("64.242.88.10 - - [07/Mar/2004:16:05:49 -0800] \"GET /twiki/bin/edit/Main/Double_bounce_sender?topicparent=Main.ConfigurationVariables HTTP/1.1\" 401 12846 ");
 		gm.captures();
 		System.out.println(gm.toJson());
-		
-		
+
+
 		//lol
 		/*g.compile("%{URI}");
 			
@@ -44,4 +44,4 @@ public void testGrok() throws Throwable{
 		assertEquals(null, map.get("port"));
 		assertEquals("/search=lol", map.get("params"));*/
 	}
-}
+}
