I'll preface this with saying that I know very very little Java and I am
just learning Pig.
My situation is that I am aggregating logs with Flume into a single
logfile. All my logs are in JSON format and then gzip'd before being added
to S3. I have 3 types of log lines in each file (b, i, c). Since I can't
seem to get anything to work, I am pulled a few logfiles down to the local
machine and I am running pig in local mode on decompressed log files.
What I am trying to do is write a Pig script to parse the JSON and then
run queries against. Since there are 3 types of lines in the same file,
when I do an illustrate of a regex (that I know works because I have tested
it against multiple regex matching programs) it only shows me the first
line, not the first matching line. The JSON log line that is of type 'b' is
a nested JSON, so I am staying away from that for now (mostly because I
can't figure out how to get the Java in this Gist to build:
https://gist.github.com/601331). Log lines 'i' and 'c' are single level
JSON (not nested) so a simple regex should work if I understand everything
More specifics are in this StackOverflow question I posted as well (
Feel free to answer it for the points if we answer the question here.
The version of Hadoop is 0.20 and Pig is 0.6 because that is what is on
the EMR (Elastic Map Reduce) instances.
Here is where I am at:
Example log line type 'i':
Pig Script Attempt:
DEFINE EXTRACT org.apache.pig.piggybank.evaluation.string.EXTRACT();
RAW_LOGS = LOAD 'file:/home/hadoop/logs/adserver.log' USING TextLoader AS
LOGS_BASE= foreach RAW_LOGS generate
WIDGET_VERSION_ONLY = FOREACH LOGS_BASE GENERATE wv;
WIDGET_VERSION_COUNT = FOREACH (GROUP WIDGET_VERSION_ONLY BY $0) GENERATE
$0, COUNT($1) as num;
WIDGET_VERSION_SORTED_COUNT = LIMIT(ORDER WIDGET_VERSION_COUNT BY num DESC)
Any help that would push me in the right direction would be greatly