Hello, I am ingesting JBoss logs into Elastic. I have some of the fields to grok, but I want to use the Elastic Common Schema to store them.
Here is my log:
2024-06-25 11:59:50,358 ERROR [stderr] (default task-100) at org.jboss.xnio.nio@3.8.10.Final-redhat-00001//org.xnio.nio.WorkerThread.run(WorkerThread.java:591)
So I have handled some of the fields, but I don't know whether the Java class names and methods are correctly mapped or not. I need a little help to map them too.
| grok message """^%{TIMESTAMP_ISO8601:@timestamp}%{SPACE}%{LOGLEVEL:log.level}%{SPACE}\[(?<log.logger>[^\]]+)\]%{SPACE}\((?<log.thread>[^)]+)\)%{SPACE}at %{JAVACLASS:className}@%{DATA:version}//%{JAVACLASS:fullClassName}\.%{JAVAMETHOD:log.origin.function}\(%{DATA:log.origin.file.name}:%{NUMBER:log.origin.file.line}\)"""
| grok log.origin.file.name """\.%{DATA:file.extension}$"""
| keep @timestamp,message,className,version,fullClassName,log.origin.function,log.origin.file.name,log.origin.file.line,file.extension