Greedydata doesn't work

iamthealex · November 17, 2017, 9:42pm

and pasted here for your ease of reference:

what is in gstatus.log

2017-11-17 14:16:43.317157 {"volume_summary" : "u" }

what is in my configuration

input {
exec {
command => "cat /home/anelson/gstatus.log"
interval => 1000
}
}

filter {

grok {
  match => [  "[message]", "%{GREEDYDATA:[allofit]}]"   ]
  add_tag => []
  tag_on_failure => ["garbled-message"]
}

}

output {
stdout {
codec => rubydebug { metadata => true }
}
}

when I run the config through logstash:
2017-11-17T13:38:30,794][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}
{
"@timestamp" => 2017-11-17T21:38:30.868Z,
"@version" => "1",
"host" => "ubuntu",
"message" => "2017-11-17 14:16:43.317157 {"volume_summary" : "u" }\n",
"command" => "cat /home/anelson/gstatus.log",
"tags" => [
[0] "garbled-message"
]
}

Christian_Dahlqvist · November 18, 2017, 7:05am

Your match statement is incorrect. Please follow the structure/syntax outlined in the documentation.

system · December 16, 2017, 7:05am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Greedydata does not work Logstash	11	2921	July 6, 2017
Greedydata not working for part of the log record Logstash	3	352	June 17, 2019
Will my "%{GREEDYDATA:[log_message]}" overwrides all my other grok filters? Logstash	2	377	February 1, 2021
Grok parser not working as expected with GREEDYDATA Logstash	13	7987	April 26, 2018
Doesn't work when trying to match on "source" and "message" in the same grok Logstash	2	540	January 16, 2020

Greedydata doesn't work

what is in gstatus.log

what is in my configuration

Related topics