It should be visible on the Readme page.

From the code it looks like it loads the file locally to bring in grok patterns. It'd be great if I could provide a supplemental file with custom patterns to also include. Or if that already exists it'd be great to see how to do so.

https://twitter.com/doctordns/status/1463072577828659205

Now, the build.ps1 and build.sh just restore tools and run dotnet cake command.
It would be great to have possibility to pass Target argument

.\build.ps1 --target Test

This project is a simple implementation of grok parser. It would be great to have some suggestions how it can be improved. Maybe some ideas for new features.

Add cake script to build package

Add Publish NuGet package action

Can we remove grok-patterns file and hardcode all values into the source code?
What do you think?

The SDK provides a tool to validate NuGet packages right after creating them. At the moment, it provides the following checks:

• Validates that there are no breaking changes across versions
• Validates that the package has the same set of publics APIs for all the different runtime-specific implementations
• Helps developers catch any applicability holes

To enable it, you can add the following property to your project file:

<Project>
  <PropertyGroup>
    <EnablePackageValidation>true</EnablePackageValidation>

    <!-- Optional: Detect breaking changes from a previous stable version -->
    <PackageValidationBaselineVersion>1.0.0</PackageValidationBaselineVersion>
  </PropertyGroup>
</Project>

Hi. I would like to help out on this project. There a way to get started?

Issue Description:
The current implementation of Grok does not validate if the Grok patterns specified in an expression are defined in the loaded patterns. This can lead to runtime errors when there are typos or usage of undefined patterns.

Proposed Enhancement:
I propose adding a method to validate Grok patterns against the set of loaded patterns. This method will ensure each pattern used in a Grok expression is defined. Here's the proposed implementation:

private void ValidateGrokPattern(string grokPattern)
{
    var grokPatternRegex = new Regex("%\\{(.*?)(?::\\w+)?\\}");
    MatchCollection matches = grokPatternRegex.Matches(grokPattern);

    foreach (Match match in matches.Cast<Match>())
    {
        var patternName = match.Groups[1].Value;
        if (!_patterns.ContainsKey(patternName))
        {
            throw new FormatException($"Invalid Grok pattern: Pattern '{patternName}' not found.");
        }
    }
}

If you agree on this enhancement I can be assigned this issue and will submit a PR. Thank you.

Extend workflow with: https://github.com/zbeekman/EditorConfig-Action

Hello,

at first, I would like to thank you for this awesome project. Very helpful! During my tests I noticed something, that might be a little confusing or at least there is room for improvement...

I used the following code with a custom pattern:

var stream = new MemoryStream(Encoding.Default.GetBytes("NOTDIRSEP [^/\\]*"));
var grok = new Grok("input/%{NOTDIRSEP:genre}/", stream);
var result = grok.Parse("input/Fantasy/");

The result was empty, no errors. After some debugging I noticed, that I accidentaly used an invalid pattern (escaping is hard! ;-) ):

# invalid pattern
NOTDIRSEP [^/\\]*

# valid pattern
NOTDIRSEP [^/\\\\]*

So, this produced the expected result:

var stream = new MemoryStream(Encoding.Default.GetBytes("NOTDIRSEP [^/\\\\]*"));
var grok = new Grok("input/%{NOTDIRSEP:genre}/", stream);
var result = grok.Parse("input/Fantasy/");

It turned out, that the invalid pattern was just silently ignored without the possibility of handling an error - except running the ignored regex check manually beforehand. See

There is also a little inconsistency:

• LoadCustomPatterns may throw a new FormatException("Custom pattern was not in a correct form"); when the pattern is not separated by (space) - called in a constructor, which seems a bit of a code smell
• Invalid regular expressions are silently ignored

I think there should be at least something like public List<(string, string)> InvalidCustomPatterns, while adding a list item (customPattern, errorMessage), if the Regex-Check fails - or, since there already is an exception, just rethrowing it with a more detailed error.

What do you think?

Hi,

Since we're essentially passing down Regex to Grok, and Regex supports multiline via RegexOptions.Singleline, could it be supported in this package? I have some logs that unfortunately have \ns in them and I don't want to create a new object via .Replace() call. As it stands now, when I try to parse such string I only get items up to newline :(

Context

The support of custom grok patterns was added in #15

Just add the directory with the name Patterns and a file (the file name doesn't matter) with your own patterns.

Like Patterns\grok-custom-patterns:

ZIPCODE [1-9]{1}[0-9]{2}\s{0,1}[0-9]{3}

and use:

Grok grok = new Grok("%{ZIPCODE:zipcode}:%{EMAILADDRESS:email}");
var grokResult = grok.Parse($"122001:[email protected]");

DoD

Describe a new feature in README

Hi,

I'd like to add the ability to grok base64 strings from text.
I would add a pattern to detect Base64 to grok-patterns and then have a validator to run over any matches to ensure they truly were base64 encoded using something like below on each match and filtering out the ones that return false:

public static bool IsBase64String(string base64)
{
Span<byte> buffer = new Span<byte>(new byte[base64.Length]);
return Convert.TryFromBase64String(base64, buffer , out int bytesParsed);
}

As per contributing guidelines, I'm raising an issue for discussion and if approved, I'll put a PR together.
Thanks :)

Now it is

Let's improve that

GitHub is working on replacing the term "master" on its service with a neutral term like "main" to avoid any unnecessary references to slavery

See https://github.com/github/renaming

build.cake has already had template for task "Run-Unit-Tests". Need to add a simple run of unit test

We need to add Build/publish scripts to Cake
#46

@moeddami Would you be interested in it?

Need to add unit tests using Xunit framework

Consumers should be able to debug the code of the package if something doesn't work as expected.
Use <DebugType>embedded</DebugType>, include the PDbs in the package, or use a symbol package (snupkg)
PDB should use the portable format to be compatible with all platforms. The file is also smaller than the Windows PDB format.

This project is a simple implementation of grok parser. It would be great to have some suggestions how it can be improved. Maybe some ideas for new features.

Add Create Release action

Currently, the result is a list. This code:

Grok grok = new Grok("%{MONTHDAY:month}-%{MONTHDAY:day}-%{MONTHDAY:year} %{TIME:timestamp};%{WORD:id};%{LOGLEVEL:loglevel};%{WORD:func};%{GREEDYDATA:msg}");
string logs = @"06-21-19 21:00:13:589241;15;INFO;main;DECODED: 775233900043 DECODED BY: 18500738 DISTANCE: 1.5165
                06-22-19 22:00:13:589265;156;WARN;main;DECODED: 775233900043 EMPTY DISTANCE: --------";
var grokResult = grok.Parse(logs);
foreach (var item in grokResult)
{
  Console.WriteLine($"{item.Key} : {item.Value}");
}

will print :

month : 06
day : 21
year : 19
timestamp : 21:00:13:589241
id : 15
loglevel : INFO
func : main
msg : DECODED: 775233900043 DECODED BY: 18500738 DISTANCE: 1.5165
month : 06
day : 22
year : 19
timestamp : 22:00:13:589265
id : 156
loglevel : WARN
func : main
msg : DECODED: 775233900043 EMPTY DISTANCE: --------

It could be really useful to group the keys, e.g grokResult.AsDictionary(); to get:

month:
        06
        06
day:
        21
        21
year:
        19
        19
timestamp:
        21:00:13:589241
        21:00:13:589265
id:
        15
        156
loglevel:
        INFO
        WARN
func:
        main
        main
msg:
        DECODED: 775233900043 DECODED BY: 18500738 DISTANCE: 1.5165
        DECODED: 775233900043 EMPTY DISTANCE: --------

Context

The support of custom grok patterns was added in #15

Just add the directory with name Patterns and a file (the file name doesn't matter) with your own patterns.

Like Patterns\grok-custom-patterns:

ZIPCODE [1-9]{1}[0-9]{2}\s{0,1}[0-9]{3}

and use:

Grok grok = new Grok("%{ZIPCODE:zipcode}:%{EMAILADDRESS:email}");
var grokResult = grok.Parse($"122001:[email protected]");

IndexOutOfRangeException

There is an issue when that custom file has the wrong content.

How to reproduce

Add to the Patterns\grok-custom-patterns the following data:

pattern

How to fix

Add some validation on load of custom grok file content. It should be pattern name, space, then the regexp for that pattern

Workflow in this repository should be both minimalistic and working example of creating your own NuGet available library. It needs some discussions what is a "good practice here". Here are some topics to discuss, even before implementing:

All with respect to versions/tags:

• take a version of the library from .csproj?
• when to tag?
• when to create a release?
• when and how to trigger publishing NuGet package?

The Regex class in the .NET uses the .NET regular expression engine. This engine is a good general-purpose engine, but it is not the fastest. If we need the best possible performance, you can use a faster regular expression engine, such as the PCRE library.

The PCRE library is a faster regular expression engine that is available for free.

We can use the PCRE library in C# by using the PCRE.NET: https://github.com/ltrzesniewski/pcre-net library. This library provides a .NET wrapper for the PCRE library.