mirror of
https://github.com/elastic/elasticsearch.git
synced 2025-04-25 23:57:20 -04:00
* Break out 'Limitations' into separate page
* Add REST API docs
* Restructure commands, functions, and operators refs
* Add placeholder for getting started guide
* Group 'Syntax', 'Metafields', and 'MV fields' under 'Language'
* Add placeholder for Kibana page
* Add link from landing page
* Apply uniform formatting to ACOS, CASE, and DATE_PARSE function refs
* Reword default LIMIT
* Add support for COUNT(*)
* Move 'Commands' and 'Functions and operators' to individual pages

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
21 lines
533 B
Text
[discrete]
[[esql-grok]]
=== `GROK`

`GROK` enables you to extract structured data out of a string. `GROK` matches
the string against patterns, based on regular expressions, and extracts the
specified patterns as columns.

Refer to the <<grok-processor,grok processor documentation>> for the syntax
of grok patterns.

For example:

[source.merge.styled,esql]
----
include::{esql-specs}/grok.csv-spec[tag=grok]
----
[%header.monospaced.styled,format=dsv,separator=|]
|===
include::{esql-specs}/grok.csv-spec[tag=grok-result]
|===
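The matching step described above, sketched in Python as an added example (it is not part of the Elasticsearch documentation or code base): each `%{SYNTAX:SEMANTIC[:type]}` token is expanded into a named regular-expression group, and the named groups become the extracted columns. The helper names `compile_grok` and `grok`, the simplified pattern definitions, the sample line, and the choice to return `None` when nothing matches are all assumptions of this example.

```python
import re

# Simplified stand-ins for a few library grok patterns (assumption: the real
# definitions are more thorough; these are just enough for the sample line).
PATTERNS = {
    "IP": r"(?:\d{1,3}\.){3}\d{1,3}",
    "NUMBER": r"-?\d+(?:\.\d+)?",
    "WORD": r"\w+",
    "TIMESTAMP_ISO8601": r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d+)?(?:Z|[+-]\d{2}:?\d{2})",
}
CASTS = {"int": int, "float": float}
# %{SYNTAX}, %{SYNTAX:SEMANTIC} or %{SYNTAX:SEMANTIC:type}
TOKEN = re.compile(r"%\{(\w+)(?::(\w+))?(?::(\w+))?\}")


def compile_grok(pattern):
    """Translate grok tokens into one regex with named groups (hypothetical helper)."""
    casts = {}

    def expand(m):
        syntax, name, cast = m.groups()
        body = PATTERNS[syntax]  # KeyError on an unknown pattern name
        if name is None:
            return f"(?:{body})"  # must match, but is not extracted
        if cast:
            casts[name] = CASTS[cast]
        return f"(?P<{name}>{body})"

    # Text outside the tokens is left as-is: it is already regular expression syntax.
    return re.compile(TOKEN.sub(expand, pattern)), casts


def grok(text, pattern):
    """Return the extracted columns as a dict, or None when the string does not match."""
    regex, casts = compile_grok(pattern)
    m = regex.search(text)
    if m is None:
        return None
    return {k: casts.get(k, str)(v) for k, v in m.groupdict().items()}


# Constructed sample input, not taken from the page.
LINE = "2023-01-23T12:15:00.000Z 10.0.0.5 login_failed 3"
PATTERN = "%{TIMESTAMP_ISO8601:date} %{IP:ip} %{WORD:event} %{NUMBER:attempts:int}"

if __name__ == "__main__":
    print(grok(LINE, PATTERN))
    print(grok("not a log line", PATTERN))
```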