grok


Error compiling Grok


I tried to compile the grok based on the this link http://linuxdrops.com/log-management-using-logstash-and-kibana-on-centos-rhel-fedora/ but encounter below problem. Hope someone can help me to solve the problem that I encounter.
[root#eul2400508 grok]# make
cc -c -pipe -fPIC -I. -O2 -I/usr/local/include -DPLATFORM_GNULinux grok.c -o grok.o
In file included from grok.c:1:
grok.h:8:20: error: tcutil.h: No such file or directory
In file included from grok.c:1:
grok.h:39: error: expected specifier-qualifier-list before ‘TCTREE’
In file included from grok.h:132,
from grok.c:1:
grok_pattern.h:7: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
In file included from grok.h:140,
from grok.c:1:
grok_discover.h:9: error: expected specifier-qualifier-list before ‘TCTREE’
grok.c: In function ‘grok_init’:
grok.c:27: error: ‘grok_t’ has no member named ‘re’
grok.c:30: error: ‘grok_t’ has no member named ‘pcre_capture_vector’
grok.c:31: error: ‘grok_t’ has no member named ‘pcre_num_captures’
grok.c:32: error: ‘grok_t’ has no member named ‘max_capture_num’
grok.c:33: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:34: error: ‘grok_t’ has no member named ‘pcre_erroffset’
grok.c:35: error: ‘grok_t’ has no member named ‘logmask’
grok.c:36: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:39: error: ‘grok_t’ has no member named ‘patterns’
grok.c:43: error: ‘grok_t’ has no member named ‘captures_by_id’
grok.c:44: error: ‘grok_t’ has no member named ‘captures_by_name'
grok.c:45: error: ‘grok_t’ has no member named ‘captures_by_subname’
grok.c:46: error: ‘grok_t’ has no member named ‘captures_by_capture_number’
grok.c:56: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:57: error: ‘grok_t’ has no member named ‘pcre_erroffset’
[root#eul2400508 grok]# make
cc -c -pipe -fPIC -I. -O2 -I/usr/local/include -DPLATFORM_GNULinux grok.c -o grok.o
In file included from grok.c:1:
grok.h:8:20: error: tcutil.h: No such file or directory
In file included from grok.c:1:
grok.h:39: error: expected specifier-qualifier-list before ‘TCTREE’
In file included from grok.h:132,
from grok.c:1:
grok_pattern.h:7: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
In file included from grok.h:140,
from grok.c:1:
grok_discover.h:9: error: expected specifier-qualifier-list before ‘TCTREE’
grok.c: In function ‘grok_init’:
grok.c:27: error: ‘grok_t’ has no member named ‘re’
grok.c:30: error: ‘grok_t’ has no member named ‘pcre_capture_vector’
grok.c:31: error: ‘grok_t’ has no member named ‘pcre_num_captures’
grok.c:32: error: ‘grok_t’ has no member named ‘max_capture_num’
grok.c:33: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:34: error: ‘grok_t’ has no member named ‘pcre_erroffset’
grok.c:35: error: ‘grok_t’ has no member named ‘logmask’
grok.c:36: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:39: error: ‘grok_t’ has no member named ‘patterns’
grok.c:43: error: ‘grok_t’ has no member named ‘captures_by_id’
grok.c:44: error: ‘grok_t’ has no member named ‘captures_by_name'
grok.c:45: error: ‘grok_t’ has no member named ‘captures_by_subname’
grok.c:46: error: ‘grok_t’ has no member named ‘captures_by_capture_number’
grok.c:56: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:57: error: ‘grok_t’ has no member named ‘pcre_erroffset’
grok.c:60: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:62: error: ‘grok_t’ has no member named ‘pcre_erroffset’
grok.c: In function ‘grok_clone’:
grok.c:78: error: ‘grok_t’ has no member named ‘patterns’
grok.c:78: error: ‘grok_t’ has no member named ‘patterns’
grok.c:79: error: ‘grok_t’ has no member named ‘logmask’
grok.c:79: error: ‘grok_t’ has no member named ‘logmask’
grok.c:80: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:80: error: ‘grok_t’ has no member named ‘logdepth’
grok.c: In function ‘grok_pcre_callout’:
grok.c:114: error: ‘grok_t’ has no member named ‘logmask’
grok.c:114: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:119: error: ‘grok_t’ has no member named ‘logmask’
grok.c:119: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:124: error: ‘grok_t’ has no member named ‘logmask’
grok.c:124: error: ‘grok_t’ has no member named ‘logdepth’
make: *** [grok.o] Error 1
grok.c:60: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:62: error: ‘grok_t’ has no member named ‘pcre_erroffset’
grok.c: In function ‘grok_clone’:
grok.c:78: error: ‘grok_t’ has no member named ‘patterns’
grok.c:78: error: ‘grok_t’ has no member named ‘patterns’
grok.c:79: error: ‘grok_t’ has no member named ‘logmask’
grok.c:79: error: ‘grok_t’ has no member named ‘logmask’
grok.c:80: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:80: error: ‘grok_t’ has no member named ‘logdepth’
grok.c: In function ‘grok_pcre_callout’:
grok.c:114: error: ‘grok_t’ has no member named ‘logmask’
grok.c:114: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:119: error: ‘grok_t’ has no member named ‘logmask’
grok.c:119: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:124: error: ‘grok_t’ has no member named ‘logmask’
grok.c:124: error: ‘grok_t’ has no member named ‘logdepth’
make: *** [grok.o] Error 1
Had the same issue but on debian and was able to resolve by:
Making sure I had all dependencies: found in the Makefile - line 269
bison
ctags
flex
gperf
libevent-dev
libpcre3-dev
libtokyocabinet-dev
I also followed the instructions I found here in the comment by "wheel...#gmail.com" but am not sure if this was necessary.
The Makefile can be fixed by changing the two gcc lines which look like this:
gcc $(LDFLAGS) $^ -o $#
To this:
gcc $^ $(LDFLAGS) -o $#
And of course update the CFLAGS and LDFLAGS to point to correct directories.
To make grok on Ubuntu 12.04 I needed to update the two gcc lines as mentioned above (by moving $(LDFLAGS) after the $^) but it seems I didn't need to do whatever this means:
"update the CFLAGS and LDFLAGS to point to correct directories."
On Centos you'll need to have the same packages mentioned about, though they are named differently (just the last three):
bison
ctags
flex
gperf
libevent-devel
libprcre3-devel
tokyocabinet-dev

Related Links

Grok Learning - 'Halve This'
logstash grok patterns assistance
Using multiple grok pattern to assign value to 1 field
Graylog cannot look a field as numeric
Logstatsh help needed to write grok filter
How to have timestamp as the only delimiter in Grok Logstach?
Error compiling Grok
logstash grok filter annoyance

Categories

HOME
facebook-oauth
ng-idle
ggplot2
apache-spark-mllib
jsf-2.2
entity-framework-core
rom
nuget-package
google-cloud-datalab
title
special-characters
recordrtc
syntaxnet
g++
pcl-crypto
fhir
why3
rtf
openbugs
code-generation
enterprise-architect
flash-player
symbol
parameter-passing
google-content-api
wolframalpha
identity-management
mapstruct
poedit
tosca
strongname
shared
ms-access-2003
android-things
winexe
tizen-tv
constexpr
panoramas
jmockit
hunspell
indy10
browser-extension
processwire
batching
raft
swagger-php
css-position
apriori
wmp
berkeley-db-je
photos
term
chai-as-promised
reportservice2010
dtsearch
configurationmanager
android-testing
libjpeg
gameplay-kit
cd-burning
structuremap4
rocks
slackware
google-cloud-console
signalr.client
jodd
model-associations
x-tag
jquery-jscrollpane
udpclient
gcloud-ruby
boost-serialization
maybe
vigenere
phonertc
pax-exam
dronekit-android
alloy-ui
apache-spark-1.3
sql-scripts
human-computer-interface
universal-image-loader
mdichild
functional-java
jquery-slider
breakout
cffile
merb
joomla-template
chart-director
alice
bjyauthorize
robotlegs
android-loadermanager
uimanageddocument
rmiregistry
box2d-iphone
landscape-portrait
matlab-load
creole
timertask
rowlex
folding
django-piston
silverlight-oob
pnrp
netbeans6.1

Resources

Encrypt Message