Hi community,
I searched some playground for dissecting a log message but I was unable to find it, and so I always receive dissect error.
The filebeat configuration is:
filebeat.inputs:
- type: log
paths:
- /home/auto/instroot/*.log
tail_files: true
recursive_glob.enabled: true
# processors:
# - dissect:
# tokenizer: '%{service.date} %{service.time} - %{service.level} [%{service.id}] (%{service.class}) - %{service.message}'
# field: "message"
output.kafka:
# initial brokers for reading cluster metadata
hosts: ${KAFKA_CLUSTER}
# message topic selection + partitioning
topic: 'mytopic'
partition.round_robin:
reachable_only: false
required_acks: 1
compression: gzip
max_message_bytes: 1000000
The message example is:
2021-03-24 12:43:00,632 - WARN [qtp300128885-10294] (TreeLockImpl) - Received a return request for token TreeLock, but it is not outstanding