Hello.
I'm looking for grock filter matching this format [10/26/23 10:48:30:823 CEST]
can't find any match from predefined formats. I need it to my Logstash filter. Any ideas ?
Hi @elk1985
You don't say what fields you want out of it, this might get you where you want to go:
\[%{DATE_US:date} %{TIME:time} %{WORD:timezone}\]
A few general pointers when using grok with elastic:
- Elastic Grok documentation
- Logstash grok patterns (always gives me good ideas and helps me not reinvent the wheel).
- Grok debugger in kibana will help you experiment and see what works.
Good luck
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.