We work with ELK Stack and I have the task of creating meaningful visualizations from the log entries. I have logs in the following format: { "@timestamp": [ "2023-08-08T00:00:11.2123" ], "xxxxx": [ "yyyyy" ], "message": [ "some text some informations; name{name='marc', school…

How can I filter certain information from the logs?

cperzrt10 (Cristian) October 3, 2023, 10:04am 2

Hi @hta , try the following grok pattern

filter {
  grok {
    id => "name school grok filter"
    match => { 'message' => '^.*name=\'%{WORD:name}\'.*school=\'%{WORD:school}\''}
  }
}

it gets the name and the school from the message.

1 Like

Topic		Replies	Views
Add grok patterns on unformatted message in Kibana visualization Kibana	2	513	January 31, 2022
Querting Kibana using grok pattern Kibana	4	1133	July 6, 2017
Grok Pattern Help with message parsing Logstash	5	1497	July 6, 2017
Turn messages into fields - querying in kibana Logstash	8	1216	July 6, 2017
How to query from Kibana or how to logstash my data Kibana	3	493	April 11, 2018