Help in logstash parsing by using GROK

Below is the sample Log:

Worlkflow MainJobName Start_time Job status dependencies
ABCDS19F #QSDF_workflow 1705 10/29 QSDF_JOB READY
----- ----- ------ QSDE_JOB HOLD QSDF_JOB
----- ----- ------ QSDA_JOB HOLD QSDE_JOB
ABCDS20F #QSDA_workflow 1805 10/29 RSDF_JOB READY
----- ----- ------ RSDE_JOB HOLD RSDF_JOB
----- ----- ------ RSDA_JOB HOLD RSDE_JOB

I need to parse this log and index the data in Elasticsearch, Canyou please help me parse by using logstash. Is there any possible way's to parse using grok patten

desired output:

{
"Worlkflow": "ABCDS19F",
"MainJobName": "#QSDF_workflow",
"Start_time": "1705 10/29",
"Job": "QSDF_JOB",
"status": "READY",
"dependencies": ""
}
{
"Worlkflow": "ABCDS19F",
"MainJobName": "#QSDF_workflow",
"Start_time": "1705 10/29",
"Job": "QSDE_JOB",
"status": "HOLD",
"dependencies": "QSDF_JOB"
}
{
"Worlkflow": "ABCDS19F",
"MainJobName": "#QSDF_workflow",
"Start_time": "1705 10/29",
"Job": "QSDA_JOB",
"status": "HOLD",
"dependencies": "QSDE_JOB"
}

@ magnusbaeck Can you please me on this.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.