Customer pattern to parse specific data

bab · October 27, 2018, 9:12pm

hey,

i have a problem with my logfiles i want to create a grok pattern which can chek if this log-entry have after sev field a string starrt whit com than parse it in package. i try this pattern but not lukcy:

log-entry:

[9/17/18 4:48:10:436 CEST] 00000072 webapp E com .ibm.ws.webcontainer.webapp.WebApp logServletError SRVE0293E: [Servlet Error]-[PluginServlet]: java.io.IOException: Plugin resource not found!

my pattern:

%{DATESTAMP:time} %{NOTSPACE} %{NOTSPACE:thread} %{WORD:log-source} [ ]* %{NOTSPACE:sev}\s+(?<package>[a-z]{3}(?=.*c))\s ?%{GREEDYDATA:msg}

please help me.
Thank you

bloke · October 27, 2018, 10:02pm

Use this tool to help you construct and test your grok patterns.

http://grokconstructor.appspot.com/

system · November 24, 2018, 10:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Help with custom pattern Logstash	2	210	September 18, 2020
Custom Pattern is not working in Logstash Logstash	3	365	March 26, 2018
Help With the Grok Pattern Logstash	1	280	May 1, 2019
Grok pattern for java exceptions Logstash	2	1395	July 6, 2017
Pattern for this log Logstash	7	264	January 17, 2021

Customer pattern to parse specific data

Related topics