Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

Create a hive table upon a fixed-width log file but the last column width is not fixed

Labels:
avatar
author-rank Seaport
Expert Contributor

Created ‎05-31-2019 02:39 PM

Basically, I am trying to analyze SQL server log files using Hive.

The layout is the log file is

  1. char(23) - for timestamp
  2. char(1) - space
  3. char(12) - source
  4. the rest of the row, and the length varies.

The row delimiter is CR+LF.

Below are some entries in the log.

2019-05-28 07:29:55.03 Server      UTC adjustment: -7:00 
2019-05-28 07:29:55.03 Server      (c) Microsoft Corporation. 
2019-05-28 07:29:55.03 Server      All rights reserved. 
2019-05-28 07:29:55.03 Server      Server process ID is 3368.

There are several posts here regarding fixed-width column layout. But in my case, the last column is identified not by the width but by the row delimiter.


3,044 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank Shu_ashu
Master Guru

Created ‎06-01-2019 03:57 PM

@Haijin Li

Use hive Regex serde and your matching regex will be

(.{22})(.{1})(.{12})(.*)

(.{22}) -> 1st capture group for 22 characters

(.{1}) -> 2nd for 1 character

(.{12}) -> 3rd for 12 characters

(.*) -> 4th capture group matches for rest of the row.


View solution in original post

2,978 Views
0 Kudos
4 REPLIES 4

avatar
author-rank Shu_ashu
Master Guru

Created ‎06-01-2019 03:57 PM

@Haijin Li

Use hive Regex serde and your matching regex will be

(.{22})(.{1})(.{12})(.*)

(.{22}) -> 1st capture group for 22 characters

(.{1}) -> 2nd for 1 character

(.{12}) -> 3rd for 12 characters

(.*) -> 4th capture group matches for rest of the row.


2,979 Views
0 Kudos

avatar
author-rank Seaport
Expert Contributor

Created ‎06-02-2019 03:22 AM

@Shu

Thanks for your help. I am currently on the road and will test your solution once I am back in office.

2,978 Views
0 Kudos

avatar
author-rank Seaport
Expert Contributor

Created on ‎06-03-2019 04:14 AM - edited ‎08-17-2019 03:14 PM

@Shu

Your code put me on the right track. Thanks again.

However, I got some strange returned records. Here are my guesses of the possible causes.

1. The CR and LF as the row delimiter and they are not the default row delimiter of the regex SerDe. How can I specify the row delimiter?

2. There are two strange characters in the first column of the first row. It might be related to the row delimiter too.

Below is the create-table script.

Create External Table slog(LogTime string, LogSource string, LogMessage string) ROW FORMAT SERDE 'org.apache.hadoop.hive.contrib.serde2.RegexSerDe' WITH SERDEPROPERTIES ("input.regex" = "(.{46})(.{24})(.*)") LOCATION '/path/to/slog/';

I attached a screenshot of the log file (in notepad ++) and the hive query result.

109151-captureserde.png


2,978 Views
0 Kudos

avatar
author-rank Shu_ashu
Master Guru

Created ‎06-04-2019 03:04 AM

@Haijin Li

Try with this and this approaches and also to test out the regex serde functionality, Create new file using vi editor in shell and move it to HDFS directory and create table on top of this directory.

2,978 Views
0 Kudos
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements