Custom log integration with Text & json file

Hi,

We have text files which are getting created on Windows VM's and Linux VM's in certain location. Here is the sample text file which is getting created. So, we i would like to get the log and parse into different field using custom integration . "id", "KB".... etc need to be parsed into different fields from the json and get rid of text lines which are not in json. So would like to know the logic to input in custom integration.

2023-01-12 10:36:50Z Reboot requirement check: False
2023-01-12 10:36:50Z Creating Windows Update session...
2023-01-12 10:36:50Z Create Windows Update searcher...
2023-01-12 10:36:50Z Setting the Windows Update Agent source catalog...
2023-01-12 10:36:50Z Search source set to 'default' (ServerSelection = 0)
2023-01-12 10:36:50Z Searching for updates to install with query 'IsInstalled = 0'
2023-01-12 10:36:54Z Found 2 updates
2023-01-12 10:36:54Z Filtering found updated based on input search criteria
2023-01-12 10:36:54Z Process filtering rules for
{
    "id":  "89e11227-761b-4396-bf37-37a2b641fa84",
    "title":  "2021-01 Update for Windows Server 2019 for x64-based Systems (KB4589208)",
    "description":  "Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.",
    "kb":  [
               "KB4589208"
           ],
    "type":  "Software",
    "deployment_action":  "Installation",
    "auto_select_on_websites":  false,
    "browse_only":  false,
    "revision_number":  202,
    "categories":  [
                       "Updates",
                       "Windows Server 2019"
                   ],
    "is_installed":  false,
    "is_hidden":  false,
    "is_present":  false,
    "reboot_required":  false,
    "impact":  "Normal",
    "reboot_behaviour":  "CanRequestReboot",
    "is_beta":  false,
    "is_downloaded":  false,
    "is_mandatory":  false,
    "is_uninstallable":  false,
    "auto_selection":  "AutoSelectIfDownloaded",
    "auto_download":  "AlwaysAutoDownload"
}
2023-01-12 10:36:54Z Skipping update 89e11227-761b-4396-bf37-37a2b641fa84 - 2021-01 Update for Windows Server 2019 for x64-based Systems (KB4589208) due to category_names
2023-01-12 10:36:54Z Process filtering rules for
{
    "id":  "3346a076-4bf6-48a1-b0d6-8422630f38b2",
    "title":  "Windows Malicious Software Removal Tool x64 - v5.109 (KB890830)",
    "description":  "After the download, this tool runs one time to check your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection that is found. If an infection is found, the tool will display a status report the next time that you start your computer. A new version of the tool will be offered every month. If you want to manually run the tool on your computer, you can download a copy from the Microsoft Download Center, or you can run an online version from microsoft.com. This tool is not a replacement for an antivirus product. To help protect your computer, you should use an antivirus product.",
    "kb":  [
               "KB890830"
           ],
    "type":  "Software",
    "deployment_action":  "Installation",
    "auto_select_on_websites":  true,
    "browse_only":  false,
    "revision_number":  200,
    "categories":  [
                       "Update Rollups",
                       "Windows Server 2016",
                       "Windows Server 2019"
                   ],
    "is_installed":  false,
    "is_hidden":  false,
    "is_present":  false,
    "reboot_required":  false,
    "impact":  "Normal",
    "reboot_behaviour":  "CanRequestReboot",
    "is_beta":  false,
    "is_downloaded":  false,
    "is_mandatory":  false,
    "is_uninstallable":  false,
    "auto_selection":  "LetWindowsUpdateDecide",
    "auto_download":  "LetWindowsUpdateDecide"
}
2023-01-12 10:36:54Z Skipping update 3346a076-4bf6-48a1-b0d6-8422630f38b2 - Windows Malicious Software Removal Tool x64 - v5.109 (KB890830) due to category_names
2023-01-12 10:36:54Z Search mode: exiting...

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.