How can i use logstash to process custom log?


(Anilkumar Patel) #1

Hi, I am new to the logstash and elasticsearch and I don't know how to process these below logs.

fields in the log file are source, method, date & logmessage.

Source : abcd.cs
Method : abcd()
Date : 15/05/2018 00:00:13
LogMessage : failed to connect

Source : wxyz.cs
Method : wxyz()
Date : 15/05/2018 00:00:13
LogMessage : failed to connect.

and I need output should be in

abcd.cs abcd() 15/05/2018 00:00:13 failed to connect

so that I can apply the grok filter for the further parsing of the logs.


(Mark Walkom) #2

Are these on a Windows server, are they in the event log or in a file?


(Anilkumar Patel) #3

hi mark, its a .txt file generated from an application


(Mark Walkom) #4

Then you can use Filebeat with the multiline functionality - https://www.elastic.co/guide/en/beats/filebeat/current/multiline-examples.html


(Anilkumar Patel) #5

Hi Mark,
Thanks for the reply. I have found the solution using Filebeat with multiline functionality.

It would be really nice if I could get one more help. I was using the Logstash S3 input plugin, but I have been struggling to implement it. I created a discuss issue but haven't got any replies. Could you please take a look at it and share your inputs.

link:- Require example/tutorial for Logstash S3 Input Plugin

Thanks,
Anil


(system) #6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.