Apologies if this is a bit of a noddy question (I am a noob to this) but I
couldn't find anything in the docs or the great G that really gave me a
good answer to this problem....
In some of my logs I have events containing xml. I want to be able to
identify the value of an element and create a new field containing the
Example event in log:
INFO 2013-09-11 10:52:03,381 [[SmokeTest_0906-v20130906-10+25].x_to_bss_evt
.stage1.22] (TranslateDealId.java:50) - Received raw message from x: <?xml
version="1.0" encoding="utf-8"?><rm:Message SchemaVersion="1.09" xmlns:rm=
I want to be able to create a field CORRELATIONID from the element
115200591009311965 and have it populate the
value of the element into the field.
So, in this case the CORRELATIONID flag vould have a value 1
I had a look at grok methods using regex but could not see a way to do it.
Any suggestions or help much appreciated....
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firstname.lastname@example.org.
For more options, visit https://groups.google.com/groups/opt_out.