Comments (6)
davidohana
commented on July 21, 2024
Hello,
This question is better asked at the original Drain repo: https://github.com/logpai/logparser/issues
However, I can tell from my experience that:
- Simple and well-defined constructs like IP are better masked with regex before passing to Drain (use masking feature of drain3 for that)
- Drain might have difficulties with multiple-words variables like
cmd. You might try to mask those too. - The
uservariable ion your example should be de-templated without a problem.
from drain3.
vikramriyer
commented on July 21, 2024
Thanks for answering and pointing me to the original repo, David. However, just a follow-up, I did not quite grasp what you meant by multuple-words variables.
from drain3.
davidohana
commented on July 21, 2024
I meant variables that can hold multiple words, or a sentence, like cmd in your example
from drain3.
vikramriyer
commented on July 21, 2024
Awesome, thanks. So should I assume that the pattern for the word user was correctly identified because it's an English dictionary valid word?
from drain3.
davidohana
commented on July 21, 2024
No, no relation to a dictionary, just because it's a single word.
from drain3.
vikramriyer
commented on July 21, 2024
Got it! Thanks for patiently answering David.
from drain3.
Related Issues (20)
- specify a log file HOT 1
- Saving log template/cluster and ID for each log HOT 2
- Error parsing logs: "ZeroDivisionError: float division by zero" HOT 4
- Restrictions on matching mode HOT 2
- About parameter `full_search_strategy` in drain match method HOT 12
- Windows regular expression HOT 1
- Drain3 deprecation warning with pip install command. HOT 2
- visualize drain parse tree (feature) HOT 1
- Hi, I've been trying to use drain for running log anomaly detection on some logs.
- Log Matching on new data HOT 2
- Chinese and English hybrid log template mining HOT 5
- Some DRAIN templates with <*> do not have parameters extracted HOT 7
- PermissionError when running with Persistance
- Is it possible to freeze templates when trainning? HOT 2
- Add a py.typed marker file
- `extra_delimiters` does not account for prefixed/suffixed delimiters
- Drain3 in golang HOT 2
- Masking Prefix and Suffix should not be escaped HOT 1
- A interesting issues. HOT 1
- big_file demo result's first cluster content is empty
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from drain3.