Friends, I have some access.log files with log format
$host - $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"
None of the predefined in misc/log-analytics/import_logs.py match.
iI’ve added
_HOST_PREFIX_MODIFED = r'(?P<host>[\w\-\.]*) -(?::\d+)?\s+'
FORMATS = {
[...]
,'common_vhost_modifed': RegexFormat('common_vhost_modifed', _HOST_PREFIX_MODIFED + _COMMON_LOG_FORMAT)
}
And run the importer with --log-format-name=common_vhost_modifed
Is this the proper way to do it?
Thanks in advanced!