Grok patterns subdivision

SandhyaRani · August 8, 2017, 9:47pm

Hi,

I have java exception log like this

2016-12-16 21:28:05,668 ERROR [int-http-28] [nbiws::::] c.t.d.s.impl.DiagnosticServiceImpl - Error running a diagnostic workflow : 9003: Invalid arguments
com.twowire.dmc.listener.DeviceInteractionException: 9003: Invalid arguments
  at com.twowire.dmc.listener.DeviceInteractionTemplate.execute(DeviceInteractionTemplate.java:102) ~[cms-core-4.2.8.9.jar:4.2.8.9]
  at com.twowire.dmc.listener.DeviceInteractionTemplate.execute(DeviceInteractionTemplate.java:59) ~[cms-core-4.2.8.9.jar:4.2.8.9]

and I wanted to parse the

 grok {
     match => {
         message => "%{DATESTAMP:timestamp} %{LOGLEVEL:level}( +)\[%{DATA:thread}\] \[%{DATA:mdc}\] %{JAVACLASS:class} - %{JAVALOGMESSAGE:logmessage} %{JAVACLASS:class}"
         }
    add_tag => ["exception"]
    }

I used that pattern its working fine , but

I got that, but still I want to parse this line
com.twowire.dmc.listener.DeviceInteractionException: 9003: Invalid arguments

as javaclass, logmessage
How can I do that I tried with diff patterns not getting
Any help please?
Thanks!

system · September 5, 2017, 9:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.