com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'html' is unknown.

format

Owned by Omry Koschitzky
Jan 28, 2015

Synopsis

Displays a specified column in the complex search summary table in a specified format. Can be used only with Display, Display only, and Group by commands.

Syntax

in [format_type] format)(["Input_Unit"],)(["Output_Unit"])

Required Arguments

format_type

Syntax: number, simple, time, date, volume, regexp, or expression

Description: The format in which to display the values of a specific column in the complex search summary table. For a time format_type, if no unit appears after  time format, XpoLog assumes that the column value is in milliseconds and displays it in the maximal possible unit (for example, if the value is 2000, the output is 2 seconds; if the value is 120000, the output is 2 minutes, etc.).

Optional Arguments

"Input_Unit"

Syntax: Volume Units - B, KB, MB, GB; Time Units: microsec, ms, sec, min, hour, day

Description: The input unit of the format type.

"Output_Unit"

Syntax: Volume Units - B, KB, MB, GB; Time Units: microsec, ms, sec, min, hour, day

Description: The unit in which to convert the format type.

Note: If only one unit appears in the syntax, XpoLog assumes that it is the output unit, and that the input value is in milliseconds (for time) or bytes (for volume). If no unit appears in the syntax, XpoLog outputs the log value in milliseconds (for time) or bytes (for volume).

Description

Displays the column values in the specified format, assuming the default input and output units, if they are not specified, and converting to a specific output unit from a specific input unit, if specified. 

Text can be formatted into the following format types:

  • number  –  formats the text in the column to number format; (“#.##”) – the decimal format of the number
  • simple – displays columns in difference format: (“column.name1 – column.name2”) – replace the columns with the values from the result
  • time – displays the value in a time format of the default unit or of the indicated (“[OUTPUT_UNIT]”) , (“[INPUT_UNIT] “,“[OUTPUT_UNIT]”) – displays the column in output format and uses the input unit In case it is different from milliseconds.
    Time units: [microsec,ms,sec,min,hour,day]
  • date – displays the value in day format: (“[SIMPLE DATE FORMAT]”) – change the date format
  • volume – displays the value in volume format way: (“[OUTPUT_UNIT]”) , (“[INPUT_UNIT] “,“[OUTPUT_UNIT]”) – display the column in output format and use input unit in case it is different from bytes.
    Volume units: [B,KB,MB,GB]
  • regexp – use regexp to extract values from the data: (“[REGEXP]”) – display the first group that is found from the regular expression
  • expression – displays the column result after performing an expression on the original contents.
    Display Column_Name in regexp format("REGEXP"), where REGEXP is the regular expression to be executed on the value in Column_Name (“[EXPRESSION]”) – use an expression to calculate different result value

Examples – Volume Format: bytes sent column contains numeric values representing volume. 

 Example 1:

* in log.access | avg bytes sent | display avg in volume format

XpoLog formats avg of bytes sent in volume format, automatically assuming that the log value is in bytes.

Example 2:

* in log.access | avg bytes sent | display avg in volume format(“MB”)

XpoLog formats avg of bytes sent in volume format, automatically assuming that the log value is in bytes, and converts and outputs the value in MB.

Example 3:

* in log.access | avg bytes sent | display avg in volume format(“KB”,”MB”)

XpoLog formats avg of bytes sent in volume format, assuming that the log value is in KB, and converts and outputs the value in MB.

Examples – Time Format: time taken column contains numeric value representing time.

Example 1:

* in log.access | avg time taken | display avg in time format

XpoLog formats avg of time taken in time format, automatically assuming that the log value is in milliseconds.

Example 2:

* in log.access | avg time taken | display avg in time format(“SEC”) à format to seconds

XpoLog formats avg of time taken in time format, automatically assuming that the log value is in milliseconds, and converts and outputs the value in seconds.

Example 3:

* in log.access | avg time taken | display avg in time format(“SEC”,”MIN”) à format from seconds to minutes

XpoLog formats avg of time taken in time format, assuming that the log value is in seconds, and converts and outputs the value to minutes. 

Regular Expressions:

  1. XpoLog groups by URL field which has multiple parts divided by slashes / and then uses a regular expression to format the result to present only part of the URL based on the regular expression criteria, I.E. present only the last part after the last slash / in the URL:

    URL Example:
    [URL] /home/web-main/css/texts.css

    XpoLog Query:
    in log.access log | count | group by url as formatted-url | order by count desc | display formatted-url in regexp format (".*/([^/]+)")

    Result:





  2. XpoLog uses a regular expression to format the Description field which contains multiple lines with different values based on the regular expression criteria, I.E. extract from the entire Description field only the value which comes after 'Account Name:' and group by it only (as if it was a pre-configured field in the log):

    Description Example:
     ...[Description] An account was logged off.
    Subject:
    Security ID: S-1-5-21-3480273402-748593870-3636473903-1144
    Account Name: xplg
    Account Domain: XPOLOG
    Logon ID: 0xa078ea24
    Logon Type: 3
    This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.

    XpoLog Query:
    (*) in log.application | count | group by Description as UserName in regexp format ("Account Name:\s+(\w+)")


    Result: