Skip to content
Permalink
Browse files
Add announcement about the availability of the CLI tool to the filebe…
…at dissect testing article
  • Loading branch information
jorgelbg committed May 6, 2020
1 parent 0d8b2d5 commit 21f74ddb658495cda94f11b79e3db0b002d81f1c
Showing 3 changed files with 33 additions and 5 deletions.
@@ -17,6 +17,19 @@ doesn't support Grok patterns (like
Instead, Filebeat advocates the usage of the [dissect
processor](https://www.elastic.co/guide/en/beats/filebeat/master/dissect.html).

{{< announce >}}
A small CLI tool for local pattern testing is also available now. Releases are available in the
[Github Releases page](https://github.com/jorgelbg/dissect-tester/releases). After downloading and
decompressing the `.tar.gz` file the CLI can be executed as:

```sh
$ dissect-tester/dissect-tester --pattern='%{key1} %{key2}'
```

Test cases are accepted through `stdin` and for each test case the result will be sent directly into
`stdout`.
{{</ announce >}}

I like the dissect processor tokenization syntax. It is easy to understand and usually quite
fast at processing. This blog post is not about the decision of not supporting Grok patterns in
Filebeat.
@@ -1,6 +1,6 @@
<!-- announcement -->
<div class="info">
<svg width="80" viewBox="0 0 512 512"><circle cx="256" cy="475" r="27" fill="#f7911e"/><g fill="#d1d3d4"><path
<div class="info announce">
<svg width="150" viewBox="0 0 512 512"><circle cx="256" cy="475" r="27" fill="#f7911e"/><g fill="#d1d3d4"><path
d="M99 244v-34H67v41M413 244v-34h32v41z"/></g><g fill="#4aa7ed"><path d="M114 244h-3a101 101 0 000
202h3V244zM398 244h3a101 101 0 010 202h-3V244z"/></g><path d="M456 210a200 200 0 00-400 0h64a136 136
0 01272 0h64z" fill="#f9ae18"/><path d="M78 306c6 0 10-5 10-10v-1a10 10 0 00-20 0v1c0 5 5 10 10
@@ -12,7 +12,6 @@
0 0054-208zM256 458a17 17 0 110 34 17 17 0 010-34zm-152-22a91 91 0 010-182v182zM89 236l-12
3v-19h12v16zM256 64c-77 0-140 60-146 136H66a190 190 0 01380 0h-44c-6-76-69-136-146-136zm167
156h12v19l-12-3v-16zm-15 216V254a91 91 0 010 182z"/></svg>

<p>{{ .Inner | markdownify }}</p>
<div>{{ .Inner | markdownify }}</div>
</div>
<!-- image -->
@@ -851,12 +851,28 @@ h1 {
display: flex;
align-items: flex-start;
margin: 1rem 0;
font-family: sans-serif;
font-size: 1.15rem;
}

.info.announce {
position: relative;
margin-left: -100px;
}

.info.announce > div {
border-left: 6px solid var(--main-color);
padding-left: 10px;
margin-left: 10px;
}

.info pre {
margin-top: 20px;
}

.info p {
width: 100%;
margin: 0 0 0 1rem;
font-family: sans-serif;
}

p.cc {

0 comments on commit 21f74dd

Please sign in to comment.