Support Questions

accsmtpsetup · ‎04-26-2018

p.p1 {margin: 0.0px 0.0px 10.0px 0.0px; line-height: 18.0px; font: 15.0px Arial; color: #404041; -webkit-text-stroke: #404041} span.s1 {font-kerning: none}

I am trying to route all lines of the Web access logs that have HTTP Status Code that is not equal to 200 to Splunk. While all the original logs are written to HDFS as is. Using this pipeline GetFile->RouteText->PutSplunk on one side of GetFile and another branch with GetFile->PutHDFS. Everything is working fine except that the filter in RouteText is passing all the logs files instead of only passing the log lines that have HTTP Status code that is not 200. Here is the Regex I am using ${line:getDelimitedField(8,' '):trim():equals(200):not()}

accsmtpsetup · ‎04-26-2018

${line:getDelimitedField(7, ' '):trim():toNumber():gt(200)}

This regex worked for me.

View solution in original post

accsmtpsetup · ‎04-26-2018

I have added some screen shots of the pipeline and the RouteText processors config

accsmtpsetup · ‎04-26-2018

Any help is greatly appreciated.

accsmtpsetup · ‎04-26-2018

${line:getDelimitedField(7, ' '):trim():toNumber():gt(200)}

This regex worked for me.

Cloudera Community

Support Questions

Nifi RouteText Regex issue

NiFi RouteText Processor - Too Many Open Files

NIFI RouteText processor taking too long

Spark to support REGEX column specification for Hi...

NiFi ListFile/ListSFTP + FetchFile/FetchSFTP issue

regex pattern for hive regex serde

Regex to replace empty curl braces in nifi

[RESOLVED] NIFI : ListenHTTP : Header Regex

NiFi ListSFTP File Filter RegEx Not Listing files

Apache Nifi LDAP Authentication issue.

Regex # Special Character Escape