Create a global patterns_dir

Vafa_Ronaghi · November 23, 2017, 1:44pm

Hello,

Is it possible to define a global patterns_dir for all cases in filter or it must be defined in each grok section.

Se below:

   if ("xxx" in [path])  {
      grok {
        **patterns_dir => [ "/usr/share/logstash/patterns" ]**
        match => { "message" => "^%{TIMESTAMP_ISO8601:timestamp}\;%{LOGLEVEL:loglevel}(.*);%{OPTIONALUSERNAME:user};%{TNR:tnr};%{INTEGRATION:integration};%{THREAD:thread};%{WORD:classname};%{GREEDYDATA:logmessage}$" }
        add_field => [ "logtype", "xxx" ]
      }
    }
    if ("yyy" in [path])  {
      grok {
        **patterns_dir => [ "/usr/share/logstash/patterns" ]**
        match => { "message" => "^%{TIMESTAMP_ISO8601:timestamp}\;%{LOGLEVEL:loglevel}(.*);%{OPTIONALUSERNAME:user};%{TNR:tnr};%{INTEGRATION:integration};%{THREAD:thread};%{WORD:classname};%{GREEDYDATA:logmessage}$" }
        add_field => [ "logtype", "yyy" ]
      }
    }

magnusbaeck · November 23, 2017, 2:25pm

You'll have to define it everywhere.

In this case I don't understand why you have two grok filters.

system · December 21, 2017, 2:25pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to define patterns_dir as global in logstash...? Logstash	7	1618	August 5, 2019
Custom patterns_dir for all groks? Logstash	1	347	November 29, 2018
Does logstash have anything as Pattern_dir for Match_Dir? Logstash	5	820	July 6, 2017
Grok Filter Pattern Clarification Logstash	2	209	July 24, 2018
Ok to define custom grok patterns in default logstash pattern file? Logstash	5	392	October 7, 2019

Create a global patterns_dir

Related topics