Thank you, reading now....
How about the constructions above? Which of them is more correct - when I used multiple matching or when I used the grok filter twice against one type: syslog?