Skip to content

Instantly share code, notes, and snippets.

@guitarrapc

guitarrapc/datadog_logmanagement_iis.parser

Last active February 21, 2019 06:01
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save guitarrapc/e37f9c770464b45eec0bfab06c48811a to your computer and use it in GitHub Desktop.
Save guitarrapc/e37f9c770464b45eec0bfab06c48811a to your computer and use it in GitHub Desktop.
Download ZIP
W3CExtended log parser for IIS on Datadog Log Management Pipeline
Raw
datadog_logmanagement_iis.parser
W3CExtended %{date("yyyy-MM-dd HH:mm:ss"):date_access} %{word:http.ident} %{word:http.hostname} %{ip:server.ip} %{word:http.method} %{notSpace:http.url:nullIf("-")} (%{data:request:keyvalue("=","/:")}) %{number:server.port} %{data:user.name:nullIf("-")} %{ip:network.client.ip} HTTP\/%{regex("\\d+\\.\\d+"):http.version} %{data:useragent:useragent(false)} (%{data:cookie:keyvalue("=","/:")})\|%{date("yyyy-MM-dd'T'HH:mm:ss.SSSZ"):cookie.date};\+(_ga=%{data:cookie.ga}) %{notSpace:http.referer} %{notSpace:http.server_name} %{number:http.status_code} %{number:http.sub_status_code} %{number:iis.win_32_status} %{number:network.bytes_written} %{number:network.bytes_read} %{number:duration:scale(1000)}
@guitarrapc
Copy link
Author

guitarrapc commented Feb 15, 2019
edited

TODO

require to parse cookie.

WHY CANT

how to parse cookie recursively when it contains ';+'....
how Datadog parse google analytics.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment