logstash, logstash-grok

online grok debugger doesn't work as expected


I am pretty new to grok. I am trying to understand it by testing some grok patterns using the Online Grok Tool.

I followed the instructions provided in the link for the same.

When I test as mentioned in the instructions link, I don't see any output. Please see below for the error:

127.0.0.1 – – [11/Dec/2013:00:01:45 -0800] “GET /xampp/status.php HTTP/1.1” 200 3891 “http://cadenza/xampp/navi.php” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:25.0) Gecko/20100101 Firefox/25.0”

Solution

  • This is because you copy/pasted the log directly from the website, which copied HTML entity characters.

    Observe how – – are not - -, and “ ” are not " " in the following log:

    127.0.0.1 – – [11/Dec/2013:00:01:45 -0800] “GET /xampp/status.php HTTP/1.1” 200 3891 “http://cadenza/xampp/navi.php” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:25.0) Gecko/20100101 Firefox/25.0”
    

    The following should work fine:

    127.0.0.1 - - [11/Dec/2013:00:01:45 -0800] "GET /xampp/status.php HTTP/1.1" 200 3891 "http://cadenza/xampp/navi.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:25.0) Gecko/20100101 Firefox/25.0"
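The failure described in the solution can be reproduced and diagnosed offline. The following is an added example, not part of the original answer: it lists every non-ASCII character in the pasted line by Unicode name, maps the typographic ones back to ASCII, and shows that the line only parses afterwards. The `COMBINED` regex is a simplified stand-in for a combined Apache log pattern (an assumption, not grok's own definition), and the function names are hypothetical.

```python
import re
import unicodedata

# Typographic characters that web pages substitute for ASCII punctuation.
LOOKALIKES = {
    "\u2013": "-",  # EN DASH
    "\u2014": "-",  # EM DASH
    "\u2018": "'",  # LEFT SINGLE QUOTATION MARK
    "\u2019": "'",  # RIGHT SINGLE QUOTATION MARK
    "\u201c": '"',  # LEFT DOUBLE QUOTATION MARK
    "\u201d": '"',  # RIGHT DOUBLE QUOTATION MARK
}

# Simplified stand-in for a combined Apache log pattern (assumption, not grok's own).
COMBINED = re.compile(
    r'^(?P<clientip>\S+) (?P<ident>\S+) (?P<auth>\S+) \[(?P<timestamp>[^\]]+)\] '
    r'"(?P<verb>\S+) (?P<request>\S+) HTTP/(?P<httpversion>[\d.]+)" '
    r'(?P<response>\d{3}) (?P<bytes>\d+|-) '
    r'"(?P<referrer>[^"]*)" "(?P<agent>[^"]*)"$'
)

def find_lookalikes(line):
    """Return (offset, char, Unicode name) for every non-ASCII character."""
    return [(i, ch, unicodedata.name(ch, "UNKNOWN"))
            for i, ch in enumerate(line) if ord(ch) > 127]

def normalize(line):
    """Replace known typographic lookalikes with their ASCII equivalents."""
    return line.translate(str.maketrans(LOOKALIKES))

def parse(line):
    """Return the named fields, or None when the line does not match."""
    m = COMBINED.match(line)
    return m.groupdict() if m else None

# The log line from the question, as pasted from the web page.
PASTED = (
    "127.0.0.1 \u2013 \u2013 [11/Dec/2013:00:01:45 -0800] "
    "\u201cGET /xampp/status.php HTTP/1.1\u201d 200 3891 "
    "\u201chttp://cadenza/xampp/navi.php\u201d "
    "\u201cMozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:25.0) "
    "Gecko/20100101 Firefox/25.0\u201d"
)

if __name__ == "__main__":
    for offset, ch, name in find_lookalikes(PASTED):
        print(f"offset {offset}: {ch!r} {name}")
    print("as pasted: ", parse(PASTED))
    print("normalized:", parse(normalize(PASTED)))
```

In a Logstash pipeline the same mismatch shows up as events tagged `_grokparsefailure`, so running a check like this on test input separates a broken pattern from a broken sample line.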