Problem in ChukwaRecord file contents

Tue, 08 Jun 2010 04:51:40 -0700 

Hi All,

I gave my log file as input to chukwa and converted it to .evt file i.e. 
ChukwaRecord file
I checked the ChukwaRecord file which is a sequence file with ChukwaRecordKey 
and ChukwaRecord.
I saw that the ChukwaRecord contains Timestamp and some other fields. One of 
them is the "body" field.
However, this body field of each record contains a bunch of lines (from my 
original log file).

Contents of Original log file:

May 29 13:00:16 ps3156 syslogd 1.5.0#5ubuntu3: restart.
May 29 13:00:16 ps3156 anacron[4148]: Job `cron.daily' terminated
May 29 13:00:16 ps3156 anacron[4148]: Normal exit (1 job run)
May 29 13:09:02 ps3156 /USR/SBIN/CRON[19815]: (root) CMD (  [ -x 
/usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ 
-type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm)
May 29 13:09:02 ps3156 /USR/SBIN/CRON[19815]: (root) CMD (  [ -x 
/usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ 
-type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm)


Contents of ChukwaRecord file:

{"DataType": "SysLog", "Key": 
"1275118200000/ps3156.persistent.co.in/1275118216000", "Timestamp": 
1275118216000, "mapFields": {"csource": "ps3156.persistent.co.in", "capp": 
"/home/hadoop/Test/syslog_test", "ctags": " cluster="chukwa"", "body": "May 29 
13:00:16 ps3156 syslogd 1.5.0#5ubuntu3: restart.
May 29 13:00:16 ps3156 anacron[4148]: Job `cron.daily' terminated
May 29 13:00:16 ps3156 anacron[4148]: Normal exit (1 job run)
May 29 13:09:02 ps3156 /USR/SBIN/CRON[19815]: (root) CMD (  [ -x 
/usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ 
-type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm)
May 29 13:09:02 ps3156 /USR/SBIN/CRON[19815]: (root) CMD (  [ -x 
/usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ 
-type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm) } }

I can see that each record in the ChukwaRecord file contains a chunk of lines 
from the original log file. Is this behavior correct?
According to my understanding, each record in the ChukwaRecord file should 
contain only one line from the original log file.
Is it possible to create such a ChukwaRecord file?
Please suggest.


Stuti

DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the 
property of Persistent Systems Ltd. It is intended only for the use of the 
individual or entity to which it is addressed. If you are not the intended 
recipient, you are not authorized to read, retain, copy, print, distribute or 
use this message. If you have received this communication in error, please 
notify the sender and delete all copies of this message. Persistent Systems 
Ltd. does not accept any liability for virus infected mails.

Reply via email to