Run grok regex against log line

grok.rb

#!/usr/bin/env ruby
require 'rubygems'
require 'grok-pure'

grok = Grok.new

Dir["/vol/logstash/patterns/patterns"].each { |p| grok.add_patterns_from_file(p) }

text = 'Oct 26 06:49:36 logstash puppet-agent[4443]: Finished catalog run in 7.02 seconds'

puts grok.discover(text)
pattern = "Invalid user %{USER:user} from %{IP:ip}"

puts text
puts pattern

grok.compile(pattern)
match = grok.match(text)
if match
  puts match.captures
else
  puts match.inspect
end