Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

grok pauses or gets stuck while processing a log file with follow: true #2

Open
nareshov opened this issue Mar 26, 2011 · 0 comments
Open

grok pauses or gets stuck while processing a log file with follow: true #2

nareshov opened this issue Mar 26, 2011 · 0 comments

Comments

@nareshov
Copy link

grok script used:

program {
  load-patterns: "patterns/base"
  load-patterns: "patterns/linux-syslog"
  load-patterns: "patterns/postfix"
#  exec "grep outbound- /var/log/maillog"
#  file "/var/log/maillog.1" {
  file "/var/lib/hadoop-0.20/ajay.m/maillog.1" {
    follow: true
  }

  match {
    pattern: "%{POSTFIXSMTPLOG}"
    #reaction: "%{QUEUEID}: %{logsource} %{to} %{relay} got response: %{reason}"
    reaction: "%{QUEUEID}: %{logsource} %{to} via %{relay}"
  }
}

Input logs which match the pattern look like:

Mar 26 04:02:11 outbound-us2 postfix/smtp[23113]: 3C8C7ED4D11: to=, relay=none, delay=0, delays=0/0/0/0, dsn=5.4.6, status=bounced (mail for domain.com loops back to myself)

postfix patterns used: https://gist.github.com/be1b531485eaca695ab7
(markdown was eating up line 4, hence gisted)

Without follow: true, the grok script returns.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@nareshov