Logstash - Grok filter - Is it possible to name aggregated patterns
Question
I've got this time stamp in one of the logs
Tue Mar 29 09:47:33 2016
I've looked into the built in patterns https://github.com/elastic/logstash/blob/v1.4.2/patterns/grok-patterns
But couldn't find an exact match.
I know I can create my custom pattern.. But I would still like to resolve it cleaner at the filter level.
I was thinking of a grok pattern in this format:
%{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR}
But not sure how to name it matched it to a single name
1 answers
solution1
0 2016-03-30 09:30:08
知道了...
(?<sourceTimestamp>%{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR})
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Chaining grok filter patterns for logstash
Use of ?> in Logstash Grok patterns
Logstash grok & regex filter
Logstash grok filter regex
Logstash grok filter apache pattern
Custom GROK filter - Logstash -> Elasticsearch
logstash grok filter pattern not found
Parsing data with grok filter on logstash
Logstash grok pattern to filter custom Log message
Logstash grok filter to tag received and bounced messages
Related Tags