topic Re: In log file line break not working. in Getting Data In

In log file line break not working.

nitesh218ss — Mon, 27 Apr 2015 09:17:30 GMT

i working in sample log file in which some event break line is different i use BREAK_LINE = ([\r\n]+)/d+/./d/./d+* but not work my log file is:

21/11/2014|16:07:01.383| 6|000000000006|RetrieveCardDetails |Internal Gateway: Received the following: System ID: [ParentMail], PublicSecurityToken ID: [mIgxoHhht1SAa+QMqx0FQoYsYGZ9WiyQ/V5g2AqtLAwqf9bEq0+7y7XzYQv3Ff7h], Security Code: [****uise]
21/11/2014|16:07:01.399| 2|000000000006|.ctor |New instance of Web Service 'AccountManagementBusiness' class created
21/11/2014|16:07:01.664| 6|000000000006|RetrieveCardDetails |Internal Gateway: Responding with Card Details [

<SystemID>ParentMail</SystemID>


<CardNumber></CardNumber>
<ExpiryDate></ExpiryDate>
<IssueNumber>0</IssueNumber>
<CaptureMethod>CA</CaptureMethod>

]
21/11/2014|16:12:05.174| 6|000000000007|ProcessRequest |Request Message Updated by TS3 (Internal GW): [ ParentMail 40232481 20141121 161205 200 SALE 0 GBP CARD REALTIME 1824 Transaction Item 1817 200 0 200 0 ECOMMERCE VIRTUAL 28 30 D0C100 AAABCGCViQAAACaZIJWJAAAAAAA= 20141121161200003123 05 cexhvm3w3vi3r332aryok1y5]
21/11/2014|16:12:05.190| 2|000000000007|.ctor |New instance of Web Service 'AccountManagementBusiness' class created

If you see in log file line is start with date. like 21/11/2014

My props.conf file configration is:

[line_try]
FIELD_DELIMITER = |
FIELD_NAMES = datee,timee,no1,no2,msg1,msg2
INDEXED_EXTRACTIONS = csv
KV_MODE = none
LINE_BREAKER = ([\r\n]+)/d+/./d/./d+*
NO_BINARY_CHECK = true
SHOULD_LINEMERGE = false
category = Structured
description = Comma-separated value format. Set header and other settings in "Delimited Settings"
disabled = false
pulldown_type = true

Please tell me what i do for line break correctly in every event.

Re: In log file line break not working.

richgalloway — Mon, 27 Apr 2015 12:17:55 GMT

Forward slashes must be escaped in regex strings, plus you have a stray dot. Try this string, which works in regex101.com:

([\r\n]+)\d+\/\d+\/\d+

Re: In log file line break not working.

nitesh218ss — Tue, 28 Apr 2015 06:50:37 GMT

i try this but not work
Many way i try to change props.conf but not work

[line_try]
FIELD_DELIMITER = |
FIELD_NAMES = datee,timee,no1,no2,msg1,msg2
INDEXED_EXTRACTIONS = csv
KV_MODE = none
LINE_BREAKER = ([\r\n]+)\d+\/\d+\/\d+
NO_BINARY_CHECK = true
SHOULD_LINEMERGE = false
category = Structured
description = Comma-separated value format. Set header and other settings in "Delimited Settings"
disabled = false
pulldown_type = true

[line_try]
FIELD_DELIMITER = |
FIELD_NAMES = datee,timee,no1,no2,msg1,msg2
INDEXED_EXTRACTIONS = csv
KV_MODE = none
BREAK_ONLY_BEFORE = ^(\d\d\/\d\d\/\d\d\d\d)
BREAK_ONLY_BEFORE_DATE = True
NO_BINARY_CHECK = true
SHOULD_LINEMERGE = false
category = Structured
description = Comma-separated value format. Set header and other settings in "Delimited Settings"
disabled = false
pulldown_type = true

[line_try]
BREAK_ONLY_BEFORE = ^(\d\d\/\d\d\/\d\d\d\d)
FIELD_DELIMITER = |
FIELD_NAMES = datee,timee,no1,no2,msg1,msg2
LINE_BREAKER = ([\r\n]+)\d+\/\d+\/\d+
NO_BINARY_CHECK = true
SHOULD_LINEMERGE = false
category = Custom
disabled = false
pulldown_type = true

After change i restart every time but they not work