Hello everyone
I am a beginner in logstash filter and to better understand the patterns I wanted to put a pattern to add the processing time of requests (in millisencodes) in my logs.
The problem is that I can't find any pattern that looks roughly what I want
Do you have any suggestions for a start
Attached is the logstash conf that I currently have
Thank you
#logstash filter
filter {
if [type] == "apachecvs"{
grok { match => { "message" => "%{IPORHOST:clientip} %{USER:ident} %{USER:auth} [%{HTTPDATE:logdate}] "(?:%{WORD:verb} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion})?|%{DATA:rawrequest})" %{NUMBER:response} (?:%{NUMBER:bytes}|-)" }
}
date {
match => [ "logdate", "dd/MMM/YYYY:HH:mm:ss Z" ]
timezone => "Europe/Paris"
target => "logdate"
}
}
}