elasticsearch/docs/reference/esql/processing-commands/grok.asciidoc

[[esql-grok]]
=== `GROK`

`GROK` enables you to extract structured data out of a string. `GROK` matches
the string against patterns, based on regular expressions, and extracts the
specified patterns as columns.

Refer to the <<grok-processor,grok processor documentation>> for the syntax for
of grok patterns.

For example:

[source,esql]
----
include::{esql-specs}/grok.csv-spec[tag=grok]
----

Returns:

[%header,format=dsv,separator=|]
|===
include::{esql-specs}/grok.csv-spec[tag=grok-result]
|===
[DOCS] Move processing commands to a file per command 2023-06-06 00:38:55 +08:00			`[[esql-grok]]`
			=== `GROK`

			`GROK` enables you to extract structured data out of a string. `GROK` matches
			`the string against patterns, based on regular expressions, and extracts the`
			`specified patterns as columns.`

			`Refer to the <<grok-processor,grok processor documentation>> for the syntax for`
			`of grok patterns.`

			`For example:`

			`[source,esql]`
			`----`
			`include::{esql-specs}/grok.csv-spec[tag=grok]`
			`----`

			`Returns:`

			`[%header,format=dsv,separator=\|]`
			`\|===`
			`include::{esql-specs}/grok.csv-spec[tag=grok-result]`
			`\|===`