Grok pattern failure

cilzzz · February 6, 2018, 10:38am

Hey everyone i am trying to extract two patterns from this log file . i want the server name
(LSB4....) and the Status

> Nov 1 07:01:39 Task Completed: LSB4-35vls-M2-DESERT158 The following task completed:#012#012 60948221: Task Name: Take Snapshot#012Device: LSB4-35vls-M2-DESERT158 (10.246.18.31)#012Added by: NAUSER (NAUSER NAUSER)#012Start Date: 2017-11-01 07:01:16.0#012Repeat type: Non-recurring#012Status: Failed#012Comments: #012 Failed#015

here is my grok filter it worked on grokdebug but it isn't working here

grok {
     match => { "hpna_raw" => [ "%{MONTH}  %{MONTHDAY} %{TIME} %{WORD} %{WORD}: %{NOTSPACE:Server} %{WORD} %{WORD} %{WORD} %{WORD}:#012#012  %{INT}: %{WORD} %{WORD}: %{WORD} %{WORD}%{NOTSPACE} %{NOTSPACE} %{NOTSPACE} %{WORD}: %{WORD} %{NOTSPACE} %{NOTSPACE} %{WORD}: %{TIMESTAMP_ISO8601}%{NOTSPACE} %{WORD}: %{WORD}-%{WORD}#012%{NOTSPACE:Status} %{GREEDYDATA}"] }}

any help please

thank you!

`

magnusbaeck · February 7, 2018, 7:20am

Build your expression gradually. Start simple and add more and more to the expression until you either have captured all you want or things break, but then you know what caused it to break.

system · March 7, 2018, 7:20am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Having problems parsing data Logstash	4	305	February 18, 2021
Logstash grok pattern failed check config Logstash	23	3186	September 2, 2019
Grok parse failures Logstash	4	286	December 29, 2020
Help with grok pattern for logs parsen in logstash Logstash	1	269	November 21, 2018
Grok pattern Logstash	3	254	November 10, 2021

Grok pattern failure

Related topics