Hi All,
Can any one explain the grok pattern for the below lines,
[2017-08-19T12:47:43,822][INFO][logstash.agent] Successfully started Logstash API endpoint {:port=>9600}
[2017-08-19T12:49:47,213][WARN][logstash.agent] stopping pipeline {:id=>"main"}
What have you tried so far?
If you want to parse the Logstash log with Logstash you should use the --log.format option to have it produce JSON-formatted files.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.