Working with the Log Parser Sample

Introduction

This sample demonstrates the ability to create your own parser using the Hyades tools.


Contents

This sample will use the code created for a simple log parser to import the syslog1.log file shown below.

The format of the log file that will be parsed is as follows:

- The lines that are to be parsed begin with '##'
- The first component of the record is the severity of the message (i.e. Information, Error, or Warning)
- The second component of the record is the time stamp. The time stamp is in the following format: month.day.year.hour.min.sec. (e.g. 02.23.03.13.11.12 which corresponds to Feb 23, 2003 13:11:12)
- The third component is the text message describing an event.
- The last component is the record ID.


Assume that 'syslog1.log' is the filename of the log file. Here's an example of what the log file can look like:

Initialized on Jan 4, 2003
The following errors occurred while attempting to launch the x program...
## <Error> <02.22.03.10.53.22> Missing library file 00000000.000
## <Error> <02.22.03.10.53.22> Missing class 00000001.000
## <Error> <02.22.03.10.53.22> Missing Environmental Variable 00000002.000
## <Error> <02.22.03.10.53.22> Exception 00000003.000
## <Warning> <02.22.03.10.53.22> Connection without a firewall 00000004.000
System idle...
Host names connecting...
host1.domain.com
host2.domain.com
host3.domain.com
## <Information> <02.22.03.13.11.10> First time user: host3.domain.com 00000005.000
## <Information> <02.22.03.13.11.10> Performing security check host3.domain.com 00000005.001
Security check: host3.domain.com...
## <Warning> <02.22.03.13.11.11> host3.domain.com does not meet security requirements 00000005.002
Disconnecting host3.domain.com...
## <Information> <02.23.03.13.11.12> host3.domain.com has been disconnected 00000005.003
System idle...

Only the lines that begin with "##" will appear as a log record.


Requirements

Hyades 1.2.0 or above.


Importing the syslog1.log file

  1. Create the syslog1.log file locally.
  2. Before running this sample, add the required plug-ins to the search path of the Workbench then create a run-time instance of the Workbench.
    • Go to the Target Platform preferences page (Window > Preferences > Plug-In Development > Target Platform) and click on the Reload button then the Not In Workspace button. Click OK.
    • Now create a run-time instance of the Workbench (Run > Run As > Run-time Workbench).
    • Continue executing the next steps on this run-time instance of the Workbench.
  3. Open the Import wizard (File > Import).
  4. Select Log File then click Next. The Import Log File wizard opens.
  5. Click on the Add button to open the Add Log File wizard.
  6. Select Simple Parser V1.0 then click on the Details tab.
  7. Click on the Browse button and specify where the syslog1.log file is located.
  8. Enter arbitrary numbers for the version and release. Click OK.
  9. Click Finish to import the syslog1.log file.
  10. Right click on the file just imported and select Open With > Log View.
  11. The Log View opens to the right. You can select any log record in the Log View to view the value of its properties.
  12. You may also open the Log View by clicking on the Open Log View toolbar button.
  13. To correlate log records, close this run-time Workbench and run the Log Correlator Sample (File > New > Example, then select Hyades Logging and Log Correlator Sample).