mirror of
https://github.com/elastic/elasticsearch.git
synced 2025-04-25 23:57:20 -04:00
This compresses the results and the query on the page to take up less space and make them more obviously connected.
20 lines
522 B
Text
[[esql-grok]]
=== `GROK`

`GROK` enables you to extract structured data out of a string. `GROK` matches
the string against patterns, based on regular expressions, and extracts the
specified patterns as columns.

Refer to the <<grok-processor,grok processor documentation>> for the syntax
of grok patterns.

For example:

[source.merge.styled,esql]
----
include::{esql-specs}/grok.csv-spec[tag=grok]
----
[%header.monospaced.styled,format=dsv,separator=|]
|===
include::{esql-specs}/grok.csv-spec[tag=grok-result]
|===
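
To illustrate the mechanism described above, the following added Python sketch (not Elasticsearch code and not part of the original page) models how a grok pattern is expanded into a regular expression with named groups and how the captures become columns. The `PATTERNS` table holds simplified stand-ins for a few grok definitions, the helper names are hypothetical, the sample log lines are constructed, and filling the new columns with `None` on a non-matching row is this sketch's own modeling choice.

```python
import re

# Simplified stand-ins for a few grok definitions (assumption: the real ones are more thorough).
PATTERNS = {
    "IP": r"(?:\d{1,3}\.){3}\d{1,3}",
    "INT": r"[+-]?\d+",
    "USERNAME": r"[A-Za-z0-9._-]+",
    "TIMESTAMP_ISO8601": r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z",
}
CONVERTERS = {"int": int, "float": float}
REF = re.compile(r"%\{(\w+)(?::(\w+))?(?::(\w+))?\}")


def compile_grok(pattern):
    """Expand %{SYNTAX:column[:type]} references into one regex with named groups."""
    types = {}
    def expand(m):
        syntax, column, type_ = m.groups()
        if syntax not in PATTERNS:
            raise ValueError(f"unknown grok pattern: {syntax}")
        if column is None:  # %{SYNTAX} must match but extracts no column
            return f"(?:{PATTERNS[syntax]})"
        types[column] = CONVERTERS.get(type_, str)
        return f"(?P<{column}>{PATTERNS[syntax]})"

    return re.compile(REF.sub(expand, pattern)), types


def grok(rows, field, pattern):
    """Add the extracted columns to each row; a non-matching row gets None in them."""
    regex, types = compile_grok(pattern)
    out = []
    for row in rows:
        m = regex.search(row[field])
        cols = {c: (types[c](m.group(c)) if m else None) for c in types}
        out.append({**row, **cols})
    return out


# Constructed sample log lines, not taken from a real system.
ROWS = [
    {"message": "2025-04-25T10:15:00Z sshd Failed password for root from 203.0.113.7 port 52144"},
    {"message": "2025-04-25T10:15:02Z cron job started"},
]
PATTERN = ("%{TIMESTAMP_ISO8601:ts} sshd Failed password for "
           "%{USERNAME:user} from %{IP:src_ip} port %{INT:port:int}")

if __name__ == "__main__":
    print(*grok(ROWS, "message", PATTERN), sep="\n")
```

Text outside the `%{...}` references is treated as ordinary regular expression syntax, so literal punctuation in a log format needs escaping in the pattern.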