Fast parser for logs

Question

Need to parse some logs with space (" ") as separator and observe double or single quote.

For example

id=firewall time="2010-05-09 16:07:21 UTC" 1.1.1.1 ...

should be parsed as

id=firewall
time="2010-05-09 16:07:21 UTC"
1.1.1.1

The logs are

are quite long and
not necessarily in key=value format
not necessarily in csv format:

Tried to use Text::CSV_XS because it's much faster than the pure perl based parsers. However, the following code doesn't do what I expected because the logs are not valid csv string.

use Text::CSV_XS;

$a = 'id=firewall time="2010-05-09 16:07:21 UTC"';

$userDefinedSeparator = Text::CSV_XS->new({sep_char => " "});
print "$userDefinedSeparator
";
$userDefinedSeparator->parse($a);
my $e;
foreach $e ($userDefinedSeparator->fields) {
    print $e, "
";
}

Is there a fast parser that can parse logs mentioned above? Would be nice to configure Text::CSV_XS to do the desired parsing.

Thanks to @ThisSuitIsBlackNot who suggested rewriting this question.

Borodin · Accepted Answer

I answered this in my response to your comment on my solution to your previous question.

Here is the answer I gave before, together with the new data that you have shown in this question.

The problem I had with your previous question is that you showed nothing but key=value pairs, so I assumed that that was all you had in your data.

I hope this works for you.

use strict;
use warnings;

my $string = 'id=firewall time="2010-05-09 16:07:21 UTC" 1.1.1.1 ...';

my @fields = $string =~ / (?: "[^"]*" | \S )+ /xg;

print "$_
" for @fields;

output

id=firewall
time="2010-05-09 16:07:21 UTC"
1.1.1.1
...

Fast parser for logs

Answers (2)

Related Questions