read_lines

Version: v5.1
read_lines
Parses an incoming bytes stream into events.
read_lines [skip_empty=bool, split_at_null=bool, split_at_regex=string]
Description
The read_lines operator takes its input bytes and splits it at a newline character.
Newline characters include:
\n
\r\n
The resulting events have a single field called line.
skip_empty = bool (optional)
Ignores empty lines in the input.
split_at_null = bool (optional)
Use null byte (\0) as the delimiter instead of newline characters.
split_at_regex = string (optional)
Use the specified regex as the delimiter instead of newline characters. The regex flavor is Perl compatible and documented here.
Examples
Reads lines from a file
load_file "events.log" read_lines is_error = line.starts_with("error:")
Split Syslog-like events without newline terminators from a TCP input
load_tcp "0.0.0.0:514" read_lines split_at_regex="(?=<[0-9]+>)" this = line.parse_syslog()
Edit this page

Description

`skip_empty = bool (optional)`

`split_at_null = bool (optional)`

`split_at_regex = string (optional)`

Examples

Reads lines from a file

Split Syslog-like events without newline terminators from a TCP input

read_lines

Description​

skip_empty = bool (optional)​

split_at_null = bool (optional)​

split_at_regex = string (optional)​

Examples​

Reads lines from a file​

Split Syslog-like events without newline terminators from a TCP input​