Support Questions

vijayanath · ‎06-30-2018

Have 2 date pattern in our log file is

Sep 3 15:10:54 192.168.0.1 3Sep2007

-----Our Zookeeper parser file

<code>    "parserConfig": {
            "grokPath": "/patterns/checkpoint",
            "patternLabel": "CUS_DELIMITED",
    "timestampField": "start_time",
    "timeFields": [
        "start_time",
        "end_time"
    ],
    "dateFormat": "MMM dd HH:mm:ss"
}

---our Pattern File

CUS_TIME_FORMAT %{MONTH:UNWANTED} %{MONTHDAY:UNWANTED} %{HOUR:UNWANTED}:%{MINUTE:UNWANTED}:%{SECOND:UNWANTED}

CUS_DELIMITED %{CUS_TIME_FORMAT:start_time} %{IP:ip_src_addr} %{DATA:end_time}

Getting Error

Grok statement produced a null message. Original message was: Sep 3 15:10:54 192.168.0.1 3Sep2007.

If changed log date to 2018-06-28 00:00:00 and date format to "dateFormat": "yyyy-MM-dd HH:mm:ss" It works.

Please help. Kindly suggest us what is wrong here. Thanks in Advance to all members.

rayarnav · ‎07-03-2018

@Vijay Radha

There is an error on your grok parser end_time is returned blank, I had to change it to GREEDYDATA.

%{CUS_TIME_FORMAT:start_time} %{IP:ip_src_addr} %{GREEDYDATA:end_time}

the dateFormat field seems to take only one date format so we can not use multiple date format definitions. Removing the end_time from the timeFields you can ingest the data.

Cloudera Community

Support Questions

grok Pattern for two date format

Format date in HIVE

Date Format in Impala

Nifi UpdateAttribute Date formatation

NiFi Error Handling - Design Pattern

Re: Log Forwarding & Ingestion Patterns using MiNi...

Convert date from different format to one particul...

NiFi Multiplexing - Design Pattern

Hadoop and LDAP: Usage, Load Patterns and Tuning

to convert date from one format to another.

Unable to convert date to a particular format