Hi, I need help constructing the grok pattern for the following log messages
Fri Mar 18 17:43:27 2022 : Info: Debugger not attached
Fri Mar 18 17:43:27 2022 : Info: Loaded virtual server inner-tunnel
Fri Mar 18 17:43:27 2022 : Info: Loaded virtual server <default>
TIMESTAMP_ISO8601 does not seem to match the format.
new to elk, help would be appreciated
Thank you!
Hi,
The date you have don't fit TIMESTAMP_ISO8601 pattern.
I think it fit this one.
So the grok filter should look like this :
%{HTTPDERROR_DATE:date}\s:\s%{LOGLEVEL:log}:%{GREEDYDATA:comment}
Cad.
It works, Thank you so much!
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.