grok


Error compiling Grok


I tried to compile the grok based on the this link http://linuxdrops.com/log-management-using-logstash-and-kibana-on-centos-rhel-fedora/ but encounter below problem. Hope someone can help me to solve the problem that I encounter.
[root#eul2400508 grok]# make
cc -c -pipe -fPIC -I. -O2 -I/usr/local/include -DPLATFORM_GNULinux grok.c -o grok.o
In file included from grok.c:1:
grok.h:8:20: error: tcutil.h: No such file or directory
In file included from grok.c:1:
grok.h:39: error: expected specifier-qualifier-list before ‘TCTREE’
In file included from grok.h:132,
from grok.c:1:
grok_pattern.h:7: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
In file included from grok.h:140,
from grok.c:1:
grok_discover.h:9: error: expected specifier-qualifier-list before ‘TCTREE’
grok.c: In function ‘grok_init’:
grok.c:27: error: ‘grok_t’ has no member named ‘re’
grok.c:30: error: ‘grok_t’ has no member named ‘pcre_capture_vector’
grok.c:31: error: ‘grok_t’ has no member named ‘pcre_num_captures’
grok.c:32: error: ‘grok_t’ has no member named ‘max_capture_num’
grok.c:33: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:34: error: ‘grok_t’ has no member named ‘pcre_erroffset’
grok.c:35: error: ‘grok_t’ has no member named ‘logmask’
grok.c:36: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:39: error: ‘grok_t’ has no member named ‘patterns’
grok.c:43: error: ‘grok_t’ has no member named ‘captures_by_id’
grok.c:44: error: ‘grok_t’ has no member named ‘captures_by_name'
grok.c:45: error: ‘grok_t’ has no member named ‘captures_by_subname’
grok.c:46: error: ‘grok_t’ has no member named ‘captures_by_capture_number’
grok.c:56: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:57: error: ‘grok_t’ has no member named ‘pcre_erroffset’
[root#eul2400508 grok]# make
cc -c -pipe -fPIC -I. -O2 -I/usr/local/include -DPLATFORM_GNULinux grok.c -o grok.o
In file included from grok.c:1:
grok.h:8:20: error: tcutil.h: No such file or directory
In file included from grok.c:1:
grok.h:39: error: expected specifier-qualifier-list before ‘TCTREE’
In file included from grok.h:132,
from grok.c:1:
grok_pattern.h:7: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
In file included from grok.h:140,
from grok.c:1:
grok_discover.h:9: error: expected specifier-qualifier-list before ‘TCTREE’
grok.c: In function ‘grok_init’:
grok.c:27: error: ‘grok_t’ has no member named ‘re’
grok.c:30: error: ‘grok_t’ has no member named ‘pcre_capture_vector’
grok.c:31: error: ‘grok_t’ has no member named ‘pcre_num_captures’
grok.c:32: error: ‘grok_t’ has no member named ‘max_capture_num’
grok.c:33: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:34: error: ‘grok_t’ has no member named ‘pcre_erroffset’
grok.c:35: error: ‘grok_t’ has no member named ‘logmask’
grok.c:36: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:39: error: ‘grok_t’ has no member named ‘patterns’
grok.c:43: error: ‘grok_t’ has no member named ‘captures_by_id’
grok.c:44: error: ‘grok_t’ has no member named ‘captures_by_name'
grok.c:45: error: ‘grok_t’ has no member named ‘captures_by_subname’
grok.c:46: error: ‘grok_t’ has no member named ‘captures_by_capture_number’
grok.c:56: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:57: error: ‘grok_t’ has no member named ‘pcre_erroffset’
grok.c:60: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:62: error: ‘grok_t’ has no member named ‘pcre_erroffset’
grok.c: In function ‘grok_clone’:
grok.c:78: error: ‘grok_t’ has no member named ‘patterns’
grok.c:78: error: ‘grok_t’ has no member named ‘patterns’
grok.c:79: error: ‘grok_t’ has no member named ‘logmask’
grok.c:79: error: ‘grok_t’ has no member named ‘logmask’
grok.c:80: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:80: error: ‘grok_t’ has no member named ‘logdepth’
grok.c: In function ‘grok_pcre_callout’:
grok.c:114: error: ‘grok_t’ has no member named ‘logmask’
grok.c:114: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:119: error: ‘grok_t’ has no member named ‘logmask’
grok.c:119: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:124: error: ‘grok_t’ has no member named ‘logmask’
grok.c:124: error: ‘grok_t’ has no member named ‘logdepth’
make: *** [grok.o] Error 1
grok.c:60: error: ‘grok_t’ has no member named ‘pcre_errptr’
grok.c:62: error: ‘grok_t’ has no member named ‘pcre_erroffset’
grok.c: In function ‘grok_clone’:
grok.c:78: error: ‘grok_t’ has no member named ‘patterns’
grok.c:78: error: ‘grok_t’ has no member named ‘patterns’
grok.c:79: error: ‘grok_t’ has no member named ‘logmask’
grok.c:79: error: ‘grok_t’ has no member named ‘logmask’
grok.c:80: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:80: error: ‘grok_t’ has no member named ‘logdepth’
grok.c: In function ‘grok_pcre_callout’:
grok.c:114: error: ‘grok_t’ has no member named ‘logmask’
grok.c:114: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:119: error: ‘grok_t’ has no member named ‘logmask’
grok.c:119: error: ‘grok_t’ has no member named ‘logdepth’
grok.c:124: error: ‘grok_t’ has no member named ‘logmask’
grok.c:124: error: ‘grok_t’ has no member named ‘logdepth’
make: *** [grok.o] Error 1
Had the same issue but on debian and was able to resolve by:
Making sure I had all dependencies: found in the Makefile - line 269
bison
ctags
flex
gperf
libevent-dev
libpcre3-dev
libtokyocabinet-dev
I also followed the instructions I found here in the comment by "wheel...#gmail.com" but am not sure if this was necessary.
The Makefile can be fixed by changing the two gcc lines which look like this:
gcc $(LDFLAGS) $^ -o $#
To this:
gcc $^ $(LDFLAGS) -o $#
And of course update the CFLAGS and LDFLAGS to point to correct directories.
To make grok on Ubuntu 12.04 I needed to update the two gcc lines as mentioned above (by moving $(LDFLAGS) after the $^) but it seems I didn't need to do whatever this means:
"update the CFLAGS and LDFLAGS to point to correct directories."
On Centos you'll need to have the same packages mentioned about, though they are named differently (just the last three):
bison
ctags
flex
gperf
libevent-devel
libprcre3-devel
tokyocabinet-dev

Related Links

Grok Learning - 'Halve This'
logstash grok patterns assistance
Using multiple grok pattern to assign value to 1 field
Graylog cannot look a field as numeric
Logstatsh help needed to write grok filter
How to have timestamp as the only delimiter in Grok Logstach?
Error compiling Grok
logstash grok filter annoyance

Categories

HOME
adal
amp-html
youtube-data-api-v3
pascal
error-handling
owl-carousel
can
rom
web-hosting
hugo
jtextpane
commonjs
google-chrome-app
gson
ipmitool
intercom
symmetricds
http-post
chargify
google-picker
jmp
nim
sencha-touch
windows-xp
pchart
scriptella
moses
android-sharedpreferences
appirater
intersystems-cache
sql-server-2000
r-grid
fstream
android-maps-extensions
browser-extension
python-pptx
latitude-longitude
openalpr
vmware-fusion
dcmtk
escpos
microsoft-metro
apache-directory
memory-mapping
openresty
chai-as-promised
yii2-api
insight
x-ray
trojan
context-sensitive-grammar
dt
cup
mouseleave
stripe-connect
google-cloud-console
simevents
angular-ui-typeahead
relativelayout
computer-architecture
mod-proxy
vacuum
apache-commons-daemon
botan
ghcjs
rickshaw
jama
mobility
named-parameters
personalization
grails-domain-class
live555
menubar
high-resolution
mt4j
gd-graph
oocss
asdf
process-explorer
http-status-code-410
extconf.rb
fitbounds
cgimage
hibernateexception
luabind
listactivity

Resources

Database Users
RDBMS discuss
Database Dev&Adm
javascript
java
csharp
php
android
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App