Log File Parsing

Log files contain structured data that's perfect for regex extraction. Let's parse common log formats.

Common Log Format

A typical web server log line:

192.168.1.1 - - [15/Jan/2024:10:30:45 +0000] "GET /page HTTP/1.1" 200 1234

Components:

• IP address
• Date/time
• HTTP method and path
• Status code
• Response size

Extracting IP Addresses

Extracting Dates

HTTP Methods

URL Paths

Status Codes

Error Log Patterns

JSON in Logs

Complete Log Parser

Captured groups:

1. IP address
2. Timestamp
3. HTTP method
4. Path
5. Status code
6. Response size

Application Logs

Practice Playground

Try extracting:

• IPs with errors: IPs from 4xx/5xx lines
• Paths for POST requests
• Response sizes > 1000
• Specific date ranges

Key Takeaways

• Log formats are predictable - use their structure
• Extract specific fields with capturing groups
• Use lookaround for clean extraction
• Filter by log level: \[ERROR\], \[WARN\]
• Status codes: [45]\d{2} for errors
• Build patterns incrementally for complex logs