Created
June 15, 2018 16:51
-
-
Save mafonso/9074ddfd75ea1adfbd0fc497c29c4552 to your computer and use it in GitHub Desktop.
ALB Logs Athena
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CREATE EXTERNAL TABLE IF NOT EXISTS alb_logs ( | |
| type string, | |
| time string, | |
| elb string, | |
| client_ip string, | |
| client_port int, | |
| target_ip string, | |
| target_port int, | |
| request_processing_time double, | |
| target_processing_time double, | |
| response_processing_time double, | |
| elb_status_code string, | |
| target_status_code string, | |
| received_bytes bigint, | |
| sent_bytes bigint, | |
| request_verb string, | |
| request_url string, | |
| request_proto string, | |
| user_agent string, | |
| ssl_cipher string, | |
| ssl_protocol string, | |
| target_group_arn string, | |
| trace_id string, | |
| domain_name string, | |
| chosen_cert_arn string, | |
| matched_rule_priority string, | |
| request_creation_time string, | |
| actions_executed string | |
| ) | |
| ROW FORMAT SERDE 'org.apache.hadoop.hive.serde2.RegexSerDe' | |
| WITH SERDEPROPERTIES ( | |
| 'serialization.format' = '1', | |
| 'input.regex' = | |
| '([^ ]*) ([^ ]*) ([^ ]*) ([^ ]*):([0-9]*) ([^ ]*):([0-9]*) ([-.0-9]*) ([-.0-9]*) ([-.0-9]*) (|[-0-9]*) (|[-0-9]*) (|[-0-9]*) (|[-0-9]*) \"([^ ]*) ([^ ]*) (- |[^ ]*)\" \"([^\"]*)\" ([A-Z0-9-]+) ([A-Za-z0-9.-]*) ([^ ]*) \"([^\"]*)\" \"([^\"]*)\" \"([^\"]*)\" ([-.0-9]*) ([^ ]*) \"([^\"]*)\"' ) | |
| LOCATION 's3://bucket/logs/path/'; | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment