I am getting a string ".." in the logs and would like to split this using grok pattern. is there any method to do so ?
example:
input log string : java-app.ABCD.win-service-test
Output should be
app_name: java-app
org_name: ABCD
service_name: win-service-test
Hey @Mohanraj, is your question in regard to the grok filter plugin in Logstash? If so, I can move this topic over to the Logstash section.
Yes Brandon, this is related to the grok filter pattern.
Thanks,
Mohan
grok { match => { "message" => "(?<app_name>[^.]*)\.(?<org_name>[^.]*)\.(?<service_name>[^.]*)" } }
would do it.
1 Like
Hi Badger, Thank you, this works fine.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.