Hi All,
Could you share your thought to get the exact grok pattern for the below content,
log file --> "ServerManager~31bf3856ad364e35~amd64~~6.3.9600.16384, Remote Parent: IIS-HttpErrors, Intended State: Staged"
so the grok pattern how will write,
I want message => "IIS-httpErrors" feet in to elasticsearch
Thanks,
Nagaraj,
Hi,
There are infinite ways of filtering this log...most likely mine is not the better one, but I hope it helps you anyways.
^ServerManager~[^:]+:\s(?<yourlabelhere>[\w-]+)[^:]+:\sStaged$
Regards!
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.