I've configured a FileBeat service to send logs to Kibana via LogStash. FileBeat and LogStash are in different servers while Kibana is inside an AWS ElasticSearch domain. The logs are visible in the Kibana dashboard. In each record, there's a field called message which consists of 10 sub-fields (nes…

Extract value from Nested message field - LogStash Kibana Grok Mutate

Badger April 7, 2021, 4:41pm 4

You are splitting the message field using ",", but it is separated with "|". Try

mutate { split => { "message" => "|" } }

1 Like

Topic		Replies	Views
Unable to extract the message filed from the logstash filter Logstash	7	591	September 17, 2019
Checking for existence of nested field Logstash	3	1370	July 6, 2017
Picking substring from field in logstash Logstash	2	2963	September 20, 2017
Extracting nested fileds with grok or kv Logstash	1	166	January 18, 2024
Parsing of a sub-element Logstash	3	347	August 8, 2019