I want to index logs from different applications in one index.
However some applications don't use exactly the same log format....
How can I use a grok pattern in the input section of the config file to break down the logfiles according to keywords that exist within the logfile?
I tried the grok constructor however, I could not find a way to make exceptions (e.g. if the logfile does not follow this pattern, then just keep the whole log as text)