Hi I'm trying to set up a grok filter for custom logs, look like this:
2023-01-20 00:00:05.235+0000 [L: DEBUG] [O: S.c.t.d.e.DSLScript] [I: ] [U: Administrator] [S: ] [P: ] [T: TWEventProcessor-3] @@@ Property Write Queue: 0
And I'm stuck at the stage of describing the [L: DEBUG] piece. I have a regex, that works fine:
^\[[A-Z]{1}(: ){1}[A-Z]{4,10}\]$
But when I'm trying to create a custom pattern in specified field in grok debugger and simulate it, I get a simulate error:
This is how all the information I enter into the grok debugger looks like:
Sample data:
2023-01-20 00:00:05.235+0000 [L: DEBUG]
Grok pattern:
%{TIMESTAMP_ISO8601:timestamp} %{TWX_LOGLEVEL:loglevel}
Custom patterns:
TWX_LOGLEVEL ^\[[A-Z]{1}(: ){1}[A-Z]{4,10}\]$
Thanks in advance