Grok Output to comma separated

Vivek_Raj · January 22, 2018, 3:44pm

Hi Everyone,

How can i convert my Grok output to comma separated

My Grok Pattern (Nginx access log)

%{IPORHOST:clientip} %{NGUSER:ident} %{NGUSER:auth} [%{HTTPDATE:timestamp}] \ "(?:%{WORD:verb} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion})?|-)" %{NUMBER:response} (?:%{NUMBER:bytes}|-) %{GREEDYDATA:message}

Expected Output

clientip,ident,auth,timestamp,verb,request,httpversion,response,bytes,message

Please help to build logstash config here.

Thanks
Viv

JKhondhu · January 24, 2018, 11:20am

Hi,

Have a ganders at the CSV output plugin: https://www.elastic.co/guide/en/logstash/current/plugins-outputs-csv.html

system · February 21, 2018, 11:21am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash 5.2 broke CSV output Logstash	1	334	March 29, 2017
How can i parse the data with comma seperated in logstash Logstash	5	850	November 22, 2018
Splitting the log into a csv file Logstash	2	282	March 1, 2022
Logstash CSV String Text containing commas Logstash	1	1038	July 6, 2017
Separate part of log in Logstash Logstash	3	638	July 6, 2017

Grok Output to comma separated

Related topics