logstash grok filter pattern

These are my log files.

Application-log-sample.log

2017-01-03 05:40:49.693 INFO  main --- com.getsentry.raven.DefaultRavenFactory : Using an HTTP connection to Sentry.
2017-01-03 05:40:49.935 INFO  background-preinit --- org.hibernate.validator.internal.util.Version : HV000001: Hibernate Validator 5.2.4.Final

I am getting confused by the grok pattern. Can someone please suggest something?

A simple pattern could be:

^%{TIMESTAMP_ISO8601:event_time}\s+%{LOGLEVEL:level}\s+%{SYSLOGPROG}\s---\s%{JAVACLASS:class}\s+:\s+%{GREEDYDATA:message}$

Use https://grokdebug.herokuapp.com/ to build your pattern and http://grokconstructor.appspot.com/do/match to test it on many lines.

You can also configure grok to check multiple patterns (it stops at the first match) and to use your own patterns; see the reference.

You can check whether your grok pattern is working correctly, without running the configuration file, by using the grok debugger. Here is the link for the grok debugger:

https://grokdebug.herokuapp.com

Grok discover will help you arrive at whichever pattern you need.
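
The pattern from the first answer can also be checked offline against the question's two log lines. The following Python is an added example, not part of the original posts: the regexes in `GROK` are simplified stand-ins for the stock grok definitions, the helper names are hypothetical, and the third sample line is constructed to show how an unmatched line ends up tagged.

```python
import re

# Simplified stand-ins for the stock grok definitions (assumption: the ones
# shipped with Logstash are broader; these cover the format in the question).
GROK = {
    "TIMESTAMP_ISO8601": r"\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}(?:[.,]\d+)?",
    "LOGLEVEL": r"(?:TRACE|DEBUG|INFO|WARN(?:ING)?|ERROR|FATAL)",
    # SYSLOGPROG always emits the fields "program" and (optionally) "pid".
    "SYSLOGPROG": r"(?P<program>[\x21-\x5a\x5c\x5e-\x7e]+)(?:\[(?P<pid>\d+)\])?",
    "JAVACLASS": r"(?:[A-Za-z$_][\w$]*\.)*[A-Za-z$_][\w$]*",
    "GREEDYDATA": r".*",
}

# The pattern exactly as posted in the answer.
PATTERN = (r"^%{TIMESTAMP_ISO8601:event_time}\s+%{LOGLEVEL:level}\s+%{SYSLOGPROG}"
           r"\s---\s%{JAVACLASS:class}\s+:\s+%{GREEDYDATA:message}$")

def expand(grok_pattern):
    """Rewrite %{NAME:field} and %{NAME} references as a compiled Python regex."""
    def repl(m):
        body = GROK[m.group(1)]
        return f"(?P<{m.group(2)}>{body})" if m.group(2) else f"(?:{body})"
    return re.compile(re.sub(r"%\{(\w+)(?::(\w+))?\}", repl, grok_pattern))

REGEX = expand(PATTERN)

def parse(line):
    """Return the extracted fields, or a tagged event when the line does not match."""
    m = REGEX.match(line)
    if m is None:
        # Logstash keeps such events and tags them rather than dropping them.
        return {"message": line, "tags": ["_grokparsefailure"]}
    return {k: v for k, v in m.groupdict().items() if v is not None}

SAMPLE = [
    # The two lines from the question.
    "2017-01-03 05:40:49.693 INFO  main --- com.getsentry.raven.DefaultRavenFactory : Using an HTTP connection to Sentry.",
    "2017-01-03 05:40:49.935 INFO  background-preinit --- org.hibernate.validator.internal.util.Version : HV000001: Hibernate Validator 5.2.4.Final",
    # Constructed: a stack-trace continuation line, which this pattern cannot match.
    "\tat com.example.Demo.run(Demo.java:42)",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(parse(line))
```

Lines that come back tagged `_grokparsefailure` are the ones that would reach the index unparsed, so they are worth counting before the pattern goes into a pipeline.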
