Home Explore Help
Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 3c72829216
Branches Tags
elasticsearch
/
docs
/
reference
/
esql
/
processing-commands
/
grok.asciidoc

grok.asciidoc 502 B
History Raw

1234567891011121314151617181920212223 
  1. [[esql-grok]]
    2. 

  2. === `GROK`
    3. 

  3. 

  4. `GROK` enables you to extract structured data out of a string. `GROK` matches
    5. 

  5. the string against patterns, based on regular expressions, and extracts the
    6. 

  6. specified patterns as columns.
    7. 

  7. 

  8. Refer to the <<grok-processor,grok processor documentation>> for the syntax for
    9. 

  9. of grok patterns.
    10. 

  10. 

  11. For example:
    12. 

  12. 

  13. [source,esql]
    14. 

  14. ----
    15. 

  15. include::{esql-specs}/grok.csv-spec[tag=grok]
    16. 

  16. ----
    17. 

  17. 

  18. Returns:
    19. 

  19. 

  20. [%header,format=dsv,separator=|]
    21. 

  21. |===
    22. 

  22. include::{esql-specs}/grok.csv-spec[tag=grok-result]
    23. 

  23. |===
    24.