Grok pattern for [2017-08-19T12:47:43,822][INFO]

arunvijayam · August 19, 2017, 9:54am

Hi All,

Can any one explain the grok pattern for the below lines,
[2017-08-19T12:47:43,822][INFO][logstash.agent] Successfully started Logstash API endpoint {:port=>9600}
[2017-08-19T12:49:47,213][WARN][logstash.agent] stopping pipeline {:id=>"main"}

warkolm · August 19, 2017, 9:12pm

What have you tried so far?

magnusbaeck · August 20, 2017, 10:01am

If you want to parse the Logstash log with Logstash you should use the --log.format option to have it produce JSON-formatted files.

system · September 17, 2017, 10:01am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Need some help for parsing Log Logstash	2	367	March 29, 2017
GROK: help with pattern Logstash	4	257	June 17, 2021
Grok pattern file for log message Logstash	1	273	March 29, 2019
Grok pattern need Logstash	2	294	April 16, 2019
Need help on Grok Pattern Logstash	1	320	May 8, 2018

Grok pattern for [2017-08-19T12:47:43,822][INFO]

Related topics