Logstash - Grok 过滤器 - 是否可以命名聚合模式
[英]Logstash - Grok filter - Is it possible to name aggregated patterns
问题描述
I've got this time stamp in one of the logs
我在其中一个日志中有这个时间戳
Tue Mar 29 09:47:33 2016
I've looked into the built in patterns https://github.com/elastic/logstash/blob/v1.4.2/patterns/grok-patterns我研究了内置模式https://github.com/elastic/logstash/blob/v1.4.2/patterns/grok-patterns
But couldn't find an exact match.但是找不到完全匹配的。
I know I can create my custom pattern.. But I would still like to resolve it cleaner at the filter level.我知道我可以创建我的自定义模式..但我仍然希望在过滤器级别更清晰地解决它。
I was thinking of a grok pattern in this format:我正在考虑这种格式的 grok 模式:
%{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR}
But not sure how to name it matched it to a single name但不确定如何命名它与单个名称匹配
1 个解决方案
解决方案1
0 2016-03-30 09:30:08
知道了...
(?<sourceTimestamp>%{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR})
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.