How to use two type of grok in one conf file??
I have two type of logs in the same file but all the time the 1st grok is applied and it is failed to run 
how to use two type of grokes in the same conf file ??
now im giving as follows ..
filter {
grok {
match => {
"grok_1" => Grok
"grok_2" => Grok
}
}
}
The grok filter documentation contains an example of how to list multiple grok expressions in the same grok filter. The expressions in the list will be tried one by one in the order listed. The list traversal will stop if there's a match.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.