Hi All - I have read through few questions and I think a similar question has been covered before - however I do not understand Ruby code to make sense of the responses. My problem is as follows:
SOURCE FIELD
I am parsing a log file, where, every event includes a 'source' field, which is the name of the log file, e.g.:
test.YYYYMMDD_HHMMSS.log
What I want to do is: For each event, where 'source' contains this filename, extract the date and time in the following format within a new field:
DD/MM/YYYY HH:MM:SS
I know how to write custom Regular Expressions (REs) in GROK, but I cannot write an RE which will match the data /and/ format it before storing it into a variable. So that is my problem.
Can anyone please help?
Thanks a lot!