Hi , I have configure logstash to read my log file which gives me below input. Now I want to split the message and create a field for each comma separated values against each. Tried to use mutate in my logstash.conf file however it did not work. Log snippet (This is a single line) werwerwer.com-…

Create fields by splitting a log

Badger March 4, 2020, 5:49pm 5

I would use dissect to parse the beginning of the line, something like this. Then use a json filter to parse the rest of the line.

Topic		Replies	Views
Need to split a field into several fields in a JSON object Logstash	4	1190	February 9, 2017
How to use split filter on the field using logstash Logstash	5	6148	March 27, 2019
Split Logfiles Logstash	4	215	July 26, 2018
Problem with "split" and "add_field" in mutate filter Logstash	5	5472	December 19, 2019
Problem with split add field Logstash	3	841	December 17, 2020

Elasticsearch is a trademark of Elasticsearch BV, registered in the U.S. and in other countries
Trademarks
Terms
Privacy
Brand
Code of Conduct

Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.

Create fields by splitting a log

Related topics