Today I have text log format about nginx_access
{"timestamp": "2023-09-07T03:03:33+00:00", "remote_addr": "10.0.x.x", "remote_user": "-", "request_time": "0.002 s", "status_request": "200", "request_Size": "510", "request_method": "POST", "Url_request": "prod-card-apiflow-cardservices.domain.com.vn/api/cms/OpenHome", "proxy_upstream_name": "prod-card-prod-card-apiflow-cardservices-svc-9003", "proxy_alternative_upstream_name": "", "upstream_addr": "172.16.211.239:9003", "upstream_status": "200", "response_Size": "227", "user_Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36", "response_time": "0.002 s", "namespace": "prod-card", "ingress_name": "prod-card-apiflow-cardservices-ingress", "service_name": "prod-card-apiflow-cardservices-svc", "service_port": "9003"}
So I tried analysis log format nginx to grok patterns but it is seem is false in the field"%{IPORHOST:remote_addr}"
%{TIMESTAMP_ISO8601:timestamp} %{IPORHOST:remote_addr} %{USER:remote_user} %{NUMBER:request_time} %{NUMBER:status_request} %{NUMBER:request_size} %{WORD:request_method} %{URIPATH:url_request} %{NOTSPACE:proxy_upstream_name} %{NOTSPACE:proxy_alternative_upstream_name} %{IPORHOST:upstream_addr} %{NUMBER:upstream_status} %{NUMBER:response_size} %{NOTSPACE:user_agent} %{NUMBER:response_time} %{NOTSPACE:namespace} %{NOTSPACE:ingress_name} %{NOTSPACE:service_name} %{NOTSPACE:service_port}
Please help me to quickly resolved . thank everyone very much