Grok plugin and installation steps

Hi
I am trying to use the grok plugin for combinedapachelogs, but I think it is not parsing logs.
I wanted to ask if all the plugins (assuming grok is a Logstash plugin) are installed as a bundle for Logstash or you need to install plugins separately, and if it is installed as a bundle, then what could be the possible issue that my grok pattern is not parsing my logs? If not, then is there any script that can allow me to install grok plugins on my server?

Regards

> I wanted to ask if all the plugins (assuming grok is a Logstash plugin)

It is.

> are installed as a bundle for Logstash or you need to install plugins separately

Logstash comes with a bunch of plugins, but not all. The grok filter plugin is installed by default so you don't have to install it separately.

> and if it is installed as a bundle, then what could be the possible issue that my grok pattern is not parsing my logs?

There are a million things that could go wrong. Without details such as an example input event, your configuration, and the result of a stdout { codec => rubydebug } output it's impossible to help.

> If not, then is there any script that can allow me to install grok plugins on my server?

Thanks, I just realized that I was trying to parse the wrong log format and I was assuming it to be the Apache combined log. Nonetheless, I have fixed that issue.

Thanks for your support
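
The debugging setup the reply above asks for (one input event, the configuration, and a `stdout { codec => rubydebug }` output), written out as an added example that is not part of the original thread. The file name, the `parse_status` field and the sample log line are assumptions made for illustration.

```logstash
# Added example, not from the thread.
# Run with: bin/logstash -f debug-grok.conf   (file name is an assumption)
# then paste one log line on stdin and read the printed event.
#
# Constructed sample line in Apache combined log format:
# 203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326 "http://example.com/" "Mozilla/5.0"

input {
  # Read test events from the terminal, one line per event.
  stdin { }
}

filter {
  grok {
    # COMBINEDAPACHELOG is one of the patterns bundled with the grok filter.
    match => { "message" => "%{COMBINEDAPACHELOG}" }
  }

  # When no pattern matches, grok tags the event with _grokparsefailure
  # by default, for example when the line is not in combined log format.
  if "_grokparsefailure" in [tags] {
    # parse_status is a hypothetical field name used only to flag the event.
    mutate { add_field => { "parse_status" => "unparsed" } }
  }
}

output {
  # Print every event with all of its fields, so a matched line shows the
  # extracted fields and an unmatched line shows only message plus the tag.
  stdout { codec => rubydebug }
}
```

An event that prints with `_grokparsefailure` in `tags` and no extracted fields means the line did not match the pattern, which is the symptom of feeding grok a different log format than the one the pattern describes.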
