I apologize if this is something not allowed, I am new to Kibana and having issues parsing logs. I want to parse the log below but I am unsure exactly how to go about it.
2020-03-31T13:35:31.83186256Z stdout F 31-Mar-2020 13:35:31.831 INFO [s-d-Worker-0] | device.DeviceAuthenticationHandler.info.38 | [ae9db805-2a84-4431-9fba-6f3f83ea2178] | The header for the request is ,ApplHGFDQ209HG7F,111138,111138,f47dfe16-0043-43a1-8c2b-649dcda436d8,1312984,H8n0T....,eyJpI....,M0010:S08:3114049-f47dfe16-0043-43a1-8c2b-649dcda436d8
I have been looking at documentation on parsing logs, but I have a couple of questions. The only thing I care about is the comma separated values at the end of the log line. I want to pull out the following fields
My Questions are
- Can I only parse out the fields I care about? (Basically ignore the first half of it.)
- Can I parse the same data multiple times to get different fields?
- I am building this in the kibana grok debugger, When I am done how do I save it? I want all logs that have this info in it to use this parser so I can build a dashboard of customer info.
Googling to figure out how to build a parser for this has given me some interesting results. I would also appreciate any links you can send to me. I am building this in the Kibana grok debugger.