Home Explore Help
Register Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 5aa1feb63f
Branches Tags
elasticsearch
/
docs
/
reference
/
esql
/
processing-commands
/
grok.asciidoc

grok.asciidoc 522 B
History Raw

1234567891011121314151617181920 
  1. [[esql-grok]]
    2. 

  2. === `GROK`
    3. 

  3. 

  4. `GROK` enables you to extract structured data out of a string. `GROK` matches
    5. 

  5. the string against patterns, based on regular expressions, and extracts the
    6. 

  6. specified patterns as columns.
    7. 

  7. 

  8. Refer to the <<grok-processor,grok processor documentation>> for the syntax for
    9. 

  9. of grok patterns.
    10. 

  10. 

  11. For example:
    12. 

  12. 

  13. [source.merge.styled,esql]
    14. 

  14. ----
    15. 

  15. include::{esql-specs}/grok.csv-spec[tag=grok]
    16. 

  16. ----
    17. 

  17. [%header.monospaced.styled,format=dsv,separator=|]
    18. 

  18. |===
    19. 

  19. include::{esql-specs}/grok.csv-spec[tag=grok-result]
    20. 

  20. |===
    21.