GROK Filter for class / thread regex help please


(Chris Milazzo) #1

Trying to tackle an expression, but I'm a novice.

Need to match the log4j thread name

%{NOTSPACE:thread} worked until I encountered spaces, then spaces and brackets

need to match the following
mulesoftlogs
mulesoftlogs withaspace
[mulesoftlogs with spacesandbrackets]

for the space and brackets I found the following solution online

\[(?<thread>[^\]]+)?\]

Then I ran into about a dozen lines with this

[mulesoftlogs with a [[spaceand2brackets]]

for which this pattern worked despite missing the trailing bracket in the resulting value
\]\[(?<thread>[^\]]+)?\]

Then the last few grok failures stumped me.

[mulesoftlogs withaspace ]andbracketsfaceingalldirections]]

not good enough to make this for in logstash ..

any help is appreciated thanks
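
An added example, not part of the original post: one way to capture a thread name that itself contains `]` is to stop at the first `]` that is followed by the next field, instead of using `[^\]]+`, which stops at the first `]` of any kind. Ruby is used because it accepts the same `(?<name>...)` groups as the patterns above. The line layout (`LEVEL DATE TIME [thread] logger: message`), the logger name and the bracket-wrapping of the first two names are assumptions made for illustration.

```ruby
# Assumed layout (not from the post): LEVEL DATE TIME [thread] logger.Class: message
# The lazy ".*?" grows until the "]" it stops at is followed by "<space>logger: ",
# so any "]" inside the thread name stays part of the captured value.
LINE_RE = /\A(?<level>[A-Z]+)\s+(?<ts>\S+ \S+)\s+\[(?<thread>.*?)\]\s+(?<logger>[\w.$]+):\s(?<msg>.*)\z/

# The bracket pattern quoted in the post: the capture ends at the first "]".
NAIVE_RE = /\[(?<thread>[^\]]+)?\]/

# Thread fields built from the names in the post. The first two are wrapped in
# brackets here (assumption); the last three are used exactly as posted.
THREAD_FIELDS = [
  "[mulesoftlogs]",
  "[mulesoftlogs withaspace]",
  "[mulesoftlogs with spacesandbrackets]",
  "[mulesoftlogs with a [[spaceand2brackets]]",
  "[mulesoftlogs withaspace ]andbracketsfaceingalldirections]]",
].freeze

# Constructed sample line; timestamp, logger and message are made up.
def sample_line(field)
  "INFO  2024-01-01 12:00:00,123 #{field} com.example.Flow: started"
end

# Returns the captured thread name, or nil when the line does not match.
def thread_of(re, line)
  m = re.match(line)
  m && m[:thread]
end

THREAD_FIELDS.each do |field|
  line = sample_line(field)
  puts "field:    #{field}"
  puts "  naive:    #{thread_of(NAIVE_RE, line).inspect}"
  puts "  anchored: #{thread_of(LINE_RE, line).inspect}"
end
```

The same idea carries over to a grok expression: keep the named group lazy and follow it with the pattern for whatever field comes next in the real log layout.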