lognormalizer(1)
test and debug liblognorm rulebases
Description
LOGNORMALIZER
NAME
lognormalizer - test and debug liblognorm rulebases
OPTIONS
|
-r<rulebase> Rulebase to use. This is required option |
||
|
-H |
print summary line (nbr of msgs Handled)
|
-U |
print number of unparsed messages (only if non-zero) |
|||
|
-e |
<json|xml|csv|cee-syslog|raw>
Change output format. By default, json is used Raw is exactly like the input. It is useful in combination with -p/-P options to extract known good/bad messages
-E<format>
Encoder-specific format (used for CSV, read docs)
|
-T |
Include ’event.tags’ in JSON format |
-oallowRegex Allow regexp matching (read docs about performance penalty)
-oaddRule
Add a mockup of the matching rule.
|
-oaddRuleLocation Add location of matching rule to metadata | |
|
-oaddExecPath Add exec_path attribute to output | |
|
-oaddOriginalMsg Always add original message to output, not just in error case | |
|
-p |
Print back only if the message has been parsed successfully
|
-P |
Print back only if the message has NOT been parsed successfully |
|||
|
-L |
Add source file line number information to unparsed line output |
-t<tag>
Print back only messages matching the tag
|
-v |
Print debug. When used 3 times, prints parse DAG |
|||
|
-V |
Print version information |
|||
|
-d |
Print DOT file to stdout and exit |
|||
|
-d |
<filename> Save DOT file to the filename
|
-s<filename> Print parse dag statistics and exit |
||
|
-S<filename> Print extended parse dag statistics and exit (includes -s) |
||
|
-x<filename> Print statistics as dot file (called only) |