I'm having problems matching against a string in the middle of a field
field data contains:
"change-data" => "{ gtm_pool_member { gtm_pool_member_pool_type 1 gtm_pool_member_pool_name /Common/panel_preprod_ca gtm_pool_member_server_name /Common/san_diego_ltm_pair gtm_pool_member_vs_name /ScaleMatrix/SM-panel-HA-preprod-vs-443 gtm_pool_member_pmbr_order 0 gtm_pool_member_limits { gtm_limit_bits_per_sec_enabled 0 gtm_limit_pkts_per_sec_enabled 0 gtm_limit_connections_enabled 0 } gtm_pool_member_monitor_rule gtm_pool_member_enabled 1 gtm_pool_member_ratio 2 } }",
I'm trying to match /Common/panel_preprod_ca. However, the data before and after it is dynamic and there are a lot of variations.
I'm using the following grok pattern which matches against most variations. However, for the variation above is failing...
"change-data", "(.*) %{UNIXPATH:object-name}"
its matching
"object-name" => "/ScaleMatrix/SM-panel-HA-preprod-vs-443"
How do I get it to match against the first instance of PATH going left to right?
