I am trying to parse through log files that are separated by a row of dashes before and after each log file condensed into one document. I was thinking of creating a custom grok pattern and putting in patterns_dir. And then using the multiline filter to read up to a row of dashes, and set what => "previous"
WOULD THIS WORK? is there a way to create a custom grok pattern for a row of dashes?
I am trying to parse through log files that are separated by a row of dashes before and after each log > file condensed into one document. I was thinking of creating a custom grok pattern and putting in patterns_dir. And then using the multiline filter to read up to a row of dashes, and set what => "previous"
WOULD THIS WORK?
Yeah, probably.
is there a way to create a custom grok pattern for a row of dashes?
Sure, why would that be different from any other grok pattern? But given how trivial the regexp is I see little point in storing it in a grok pattern.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.