mirror of
https://github.com/iSharkFly-Docs/opensearch-docs-cn
synced 2025-02-10 13:25:07 +00:00
ef83f6d7d5
* Added metrics section to Aggregate processor page. Signed-off-by: carolxob <carolxob@amazon.com> * Added Metrics section to individual Processors pages. Signed-off-by: carolxob <carolxob@amazon.com> * Added metrics section for JSON processor. Signed-off-by: carolxob <carolxob@amazon.com> * Added metrics sections. Changed Default is to Default value is. Signed-off-by: carolxob <carolxob@amazon.com> * Corrected references from AWS S3 to Amazon S3. Signed-off-by: carolxob <carolxob@amazon.com> * Minor updates to Metrics sections and phrasing. Signed-off-by: carolxob <carolxob@amazon.com> * Updated Action link. Signed-off-by: carolxob <carolxob@amazon.com> * Updates based on tech review feedback. Signed-off-by: carolxob <carolxob@amazon.com> * Updates based on tech review feedback. Signed-off-by: carolxob <carolxob@amazon.com> * Tech review feedback. Signed-off-by: carolxob <carolxob@amazon.com> * Minor updates to buffer_size and batch_size default values. Signed-off-by: carolxob <carolxob@amazon.com> * Edits to Metrics sections for each processor. Signed-off-by: carolxob <carolxob@amazon.com> * Update made based ondoc review feedback. Signed-off-by: carolxob <carolxob@amazon.com> * Minor updates to intro text for processor pages. Minor adjustements to other text for clarity. Signed-off-by: carolxob <carolxob@amazon.com> * Minor edits. Signed-off-by: carolxob <carolxob@amazon.com> * Adjustements to phrasing, fixed typos. Signed-off-by: carolxob <carolxob@amazon.com> * Minor updates to word choice and corrected a typo. Signed-off-by: carolxob <carolxob@amazon.com> * Minor edit. Signed-off-by: carolxob <carolxob@amazon.com> * Made updates based ondoc review feedback. Signed-off-by: carolxob <carolxob@amazon.com> * Updates to http-source. Signed-off-by: carolxob <carolxob@amazon.com> * Added common processors table to affected docs. Signed-off-by: carolxob <carolxob@amazon.com> * Minor update to one file. Signed-off-by: carolxob <carolxob@amazon.com> * Minor update based on tech review feedback. Signed-off-by: carolxob <carolxob@amazon.com> * Minor edits. Signed-off-by: carolxob <carolxob@amazon.com> * Major editorial feedback incorporated through key-value.md. Signed-off-by: carolxob <carolxob@amazon.com> * Incorporated major editorial feedback thup to service-map-stateful. Signed-off-by: carolxob <carolxob@amazon.com> * Incorporated major editorial feedback for Processors section. Signed-off-by: carolxob <carolxob@amazon.com> * Major editorial updates, specifically to inclusion of text introducing option configuration tables. Signed-off-by: carolxob <carolxob@amazon.com> * Major editorial feedback through otel-trace.md incorporated. Signed-off-by: carolxob <carolxob@amazon.com> * Major editorial edits incorporated. Signed-off-by: carolxob <carolxob@amazon.com> * Technical feedback and editorial feedback incorporated. Signed-off-by: carolxob <carolxob@amazon.com> * Incorporated missing editorial feedback. Signed-off-by: carolxob <carolxob@amazon.com> * Minor adjustements to OpenSearch sink. Signed-off-by: carolxob <carolxob@amazon.com> * Minor changes to capitalization. Signed-off-by: carolxob <carolxob@amazon.com> * Minor edits. Signed-off-by: carolxob <carolxob@amazon.com> * Made one instance of processor name consistent with other references. Signed-off-by: carolxob <carolxob@amazon.com> * Minor update based on editorial feedback. Signed-off-by: carolxob <carolxob@amazon.com> --------- Signed-off-by: carolxob <carolxob@amazon.com>
3.1 KiB
3.1 KiB
| layout | title | parent | grand_parent | nav_order |
|---|---|---|---|---|
| default | grok | Processors | Pipelines | 45 |
grok
Overview
The Grok processor takes unstructured data and utilizes pattern matching to structure and extract important keys. The following table describes options you can use with the Grok processor to structure your data and make your data easier to query.
| Option | Required | Type | Description |
|---|---|---|---|
| match | No | Map | Specifies which keys to match specific patterns against. Default value is an empty body. |
| keep_empty_captures | No | Boolean | Enables preserving null captures. Default value is false. |
| named_captures_only | No | Boolean | Specifies whether to keep only named captures. Default value is true. |
| break_on_match | No | Boolean | Specifies whether to match all patterns or stop once the first successful match is found. Default value is true. |
| keys_to_overwrite | No | List | Specifies which existing keys will be overwritten if there is a capture with the same key value. Default value is []. |
| pattern_definitions | No | Map | Allows for custom pattern use inline. Default value is an empty body. |
| patterns_directories | No | List | Specifies the path of directories that contain customer pattern files. Default value is an empty list. |
| pattern_files_glob | No | String | Specifies which pattern files to use from the directories specified for pattern_directories. Default value is *. |
| target_key | No | String | Specifies a parent-level key used to store all captures. Default value is null. |
| timeout_millis | No | Integer | The maximum amount of time during which matching occurs. Setting to 0 disables the timeout. Default value is 30,000. |
Metrics
The following table describes common Abstract processor metrics.
| Metric name | Type | Description |
|---|---|---|
recordsIn |
Counter | Metric representing the ingress of records to a pipeline component. |
recordsOut |
Counter | Metric representing the egress of records from a pipeline component. |
timeElapsed |
Timer | Metric representing the time elapsed during execution of a pipeline component. |
The Grok processor includes the following custom metrics.
Counter
grokProcessingMismatch: Records the number of records that did not match any of the patterns specified in the match field.grokProcessingMatch: Records the number of records that matched at least one pattern from thematchfield.grokProcessingErrors: Records the total number of record processing errors.grokProcessingTimeouts: Records the total number of records that timed out while matching.
Timer
grokProcessingTime: The time taken by individual records to match against patterns frommatch. Theavgmetric is the most useful metric for this timer because it provides you with an average value of the time it takes records to match.