Win Log Analyzer

User Manual

Wrapper settings

Configure Wrapper settings to parse log correctly
Capture rules

Each record field require to be correctly configured before parsed correctly.
To understand how a log is composed, Win Log Analyzer need to be feed by some informations:

Beginning of the line

This is the regular expression that indicates when a log line starts.
Everytime WLA parser match this input, a new record is created

Example

Let's make an example of a log line:

2015-10-15 09:17:05,350 INFO [classname] this is a log message

The regular expression to match the start of the line could be:

\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}

Another log line example:

2015 Oct 15 09:17:05 [DEBUG] [classname] etc..

The regular expression suggestion is:

\d{4} \w+ \d{2} \d{2}:\d{2}:\d{2}

Date (regex)

This is the regular expression that indicates when log line is produced
Often log line starts with the log date, so begin of the line may be the same

Example

An example of log line:

20/03/2014 17:10:23,400 WARN - ClassName - log message

Possible solution:

\d{2}\/\d{2}\/\d{4} \d{2}:\d{2}:\d{2},\d{3}

Date format

The format of the date used in the log file

Example

Here's a date example:

20-03-2015 11:55:20

The correct date format would be:

dd-MM-yyyy HH:mm:ss

Refer to page for all available formats

Culture

Specify which culture is used to parse date.
This is necessary in some case, for example when day or month's name are used.

Example

Oct requires an en or us culture value.
Ott stands for Ottobre, the it (italian) equivalent of October

Level (regex)

Regex to capture log level (ex. DEBUG).
Use pipe | to capture multiple log level (ex. DEBUG|INFO|ERROR)

Group match

Group match is used for date and level, and indicates the effective group number to use when multiple groups are used in regular expression


Starred MediaSoft offer free software asking nothing in return.
Nevertheless, You can show your appreciation for Starred MediaSoft products and support future development by donating.