Introduction

Grok is simple software that allows you to easily parse logs and other files. With grok, you can turn unstructured log and event data into structured data.

The grok program is a great tool for parsing log data and program output. You can match any number of complex patterns on any number of inputs (processes and files) and have custom reactions.

The grok library is a great choice when you need the pattern matching features of grok in your own tools. There are currently C and Ruby APIs.

• GrokConcepts - If you want general information that applies to both the grok program and library.
• GrokProgram - If you want documentation about the grok program.
• GrokExamples - Examples of using grok in the real world
• GrokConfig - Documentation on grok configs
• GrokProgramTutorial - A gentle introduction to grok.
• GrokLibrary - If you want documentation about using the grok library api

What can I use Grok for?

• reporting errors and other patterns from logs and processes
• parsing complex text output and converting it to json external processing
• apply 'write-once use-everywhere' to regular expressions

Download Grok

• Latest: http://semicomplete.googlecode.com/files/grok-20091103.tar.gz
• Archive: http://code.google.com/p/semicomplete/downloads/list?q=label:grok

Getting Help

• mail: grok-users@googlegroups.com
• irc: #grok on efnet