Hi!
I was interested in knowing if with logstash I could find words that match a pattern and extract them from the message, without parsing the whole message.
For example:
there has been an error on the **s123s** machine due to a blackout.
would like from this message to keep the name of the machine when it meet a pre defined pattern but the text is random because is an email so i cant parse the rest of the message because its not static as a log.
Thanks in advance!!
You can use grok to match a message against a regexp. There is no need to match the entire message.
thank you!! it finally works.
my example :
there has been an error on the s97bbdd001 machine due to a blackout
my regular expression: (?[a-zA-Z]\d.{1}....\d.{2})
[
{
"server": "s97bbdd001"
}
]
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.