@justahero
Last active January 15, 2019 15:05
Elasticsearch analyzer for stack traces.

Example stack trace in Ruby

divide_by_zero.rb:2:in `/': divided by 0 (ZeroDivisionError)
        from divide_by_zero.rb:2:in `divide'
        from divide_by_zero.rb:5:in `<main>'

The following analyzer is a first draft of how to split and analyze the stack trace. The user should be able to search by file name, line number, and exception. Only the first two lines of the stack trace are analyzed.

curl -X PUT 'http://localhost:9200/stacktraces' -H 'Content-Type: application/json' -d '{
  "settings": {
    "index": { "number_of_shards": 1, "number_of_replicas": 0 },
    "analysis": {
      "tokenizer": {
        "stacktrace_tokenizer": {
          "type": "simple_pattern_split",
          "pattern": "\n"
        }
      },
      "filter": {
        "max_lines_filter": {
          "type": "limit",
          "max_token_count": 2
        },
        "stacktrace_line_tokenizer": {
          "type": "pattern_capture",
          "patterns": [
            "(from\\s|.*):(.*):in\\s(.*)"
          ]
        }
      },
      "analyzer": {
        "stacktrace_analyzer": {
          "type": "custom",
          "tokenizer": "stacktrace_tokenizer",
          "filter": [
            "max_lines_filter",
            "trim",
            "stacktrace_line_tokenizer",
            "standard",
            "lowercase",
            "asciifolding",
            "unique"
          ]
        }
      }
    }
  }
}'
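
To see which terms this analyzer would index for the sample trace, the following added example (not part of the original gist, and not Elasticsearch itself) approximates the filter chain in plain Python. `analyze`, `pattern_capture` and `ascii_fold` are hypothetical helper names, and the `standard` filter is assumed to pass tokens through unchanged.

```python
import re
import unicodedata

# Constructed input: the Ruby stack trace shown in the gist.
SAMPLE_TRACE = (
    "divide_by_zero.rb:2:in `/': divided by 0 (ZeroDivisionError)\n"
    "        from divide_by_zero.rb:2:in `divide'\n"
    "        from divide_by_zero.rb:5:in `<main>'\n"
)

# Same regex as the pattern_capture filter, after JSON unescaping.
LINE_PATTERN = re.compile(r"(from\s|.*):(.*):in\s(.*)")
MAX_LINES = 2  # max_token_count of the limit filter


def pattern_capture(token):
    """Emit the original token, then every non-empty capture group."""
    out = [token]  # preserve_original defaults to true
    for match in LINE_PATTERN.finditer(token):
        out.extend(g for g in match.groups() if g and g != token)
    return out


def ascii_fold(token):
    """Rough stand-in for asciifolding: drop combining marks."""
    decomposed = unicodedata.normalize("NFKD", token)
    return "".join(c for c in decomposed if not unicodedata.combining(c))


def analyze(text):
    """Approximate stacktrace_analyzer; return the indexed terms in order."""
    # simple_pattern_split on "\n", then the limit filter.
    lines = [line for line in text.split("\n") if line][:MAX_LINES]
    terms = []
    for line in lines:
        for tok in pattern_capture(line.strip()):   # trim + pattern_capture
            tok = ascii_fold(tok.lower())           # lowercase + asciifolding
            if tok not in terms:                    # unique
                terms.append(tok)
    return terms


if __name__ == "__main__":
    for term in analyze(SAMPLE_TRACE):
        print(repr(term))
```

The resulting terms show two gaps in this draft: the exception class is only indexed as part of a longer term, and the file name from the second line keeps its `from ` prefix.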