Hello,
I'm parsing a firewall log that has its fields separated by " ; ". Using this to my advantage, I decided to apply the csv filter to the log using ";" as my separator. The problem appears when one of the columns generated by the csv filter appears in the following manner:
"column1" => "Fri Jun 29 11:14:47 Control host CPLogToSyslog: ContentVersion: 5"
From this column I need to extract the fields: "Control host CPLogToSyslog" and "ContentVersion".
Looking at the grok, I saw regex could be used to extract the values, but I'm not able to make it work haha.
Can someone give me any leads on a way to solve this?
Thanks!
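
A Logstash filter sketch for the column shown above, as an added example that is not part of the original post. The field names `log_source`, `attr_name` and `attr_value` and the tag `_column1_grokparsefailure` are assumptions chosen for illustration, and the pattern assumes every `column1` value has the same shape as the sample line.

```logstash
filter {
  # Split the raw line on ";". Without a "columns" option the csv filter
  # names the resulting fields column1, column2, ... as in the post.
  csv {
    separator => ";"
  }

  # Break column1 into: timestamp prefix, source text, attribute name, value.
  # The pattern is anchored with ^ and $ so a line with a different shape
  # fails to match instead of yielding partially wrong fields.
  # For the sample line this gives:
  #   log_source => "Control host CPLogToSyslog"
  #   attr_name  => "ContentVersion"
  #   attr_value => "5"
  grok {
    match => {
      "column1" => "^%{DAY} %{MONTH} +%{MONTHDAY} %{TIME} %{DATA:log_source}: %{WORD:attr_name}: %{GREEDYDATA:attr_value}$"
    }
    # Use a dedicated tag (assumed name) so unparsed firewall events can be
    # found and reviewed rather than being mixed in with other grok failures.
    tag_on_failure => ["_column1_grokparsefailure"]
  }

  # The log uses " ; " with surrounding spaces, so trim what was captured.
  mutate {
    strip => ["log_source", "attr_name", "attr_value"]
  }
}
```

Events carrying the failure tag are worth sending to a separate output, since a firewall line that stops matching usually means the log format changed and fields are no longer being indexed.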