Hi,
I'm pretty new to this, can someone help me to dissect the below file path?
(_LQ3zMFgBEee5Sr7bPizxug) /com.ti.b.ld.nr.ee.kb.tiontion.jar/src/main/java/com/nk/fiswoa/sb/desk/del/SBBdDkWhLtDO.java
I only want the last part of the log to be printed, which in this case is: .java
It can sometimes even be .property
Using mutate or dissesct.
Thanks
It could be done using mutate
mutate { gsub => [ "message", ".*\.", "" ] }
but if I had to do it I would use grok
grok { match => [ "message", "\.%{WORD:extension}$" ] }
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.