I have a "message" field that contains a bulk of data (like customerName, number, address) in Logstash.
Now I want to create a new field that filters the data containing only the words "Incoming Message:".
I'm using ELK 8.6.0.
I am trying to split field "message" that is structured as follows:
'2023-08-01T21:11:54 <local.info> web.site.com IncomingMax1[123] 2023-08-01 11:10:54,123 INFO 987654321 Message.py 12 Incoming Message:'
'<nl John'
'<nl 672-222-2222'
'<nl NC'
'<nl USA'
I would like to split the above data into NEW fields:
Newfield: RESULTS (that contains all logs having the words Incoming Message:)
Thanks a lot.
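
One way to build the RESULTS field for the sample line above, as an added example that is not part of the original post. It assumes RESULTS should hold the text that follows "Incoming Message:" and that any `<nl ...` lines arrive inside the same event; every field name other than `message` and `RESULTS` is a hypothetical choice.

```logstash
filter {
  # Only touch events that carry the marker; all other events pass through unchanged.
  if "Incoming Message:" in [message] {
    grok {
      # (?m) lets GREEDYDATA run across newlines, in case the "<nl ..." lines
      # are part of the same event (assumption).
      # Field names such as syslog_time, app_id and source_line are hypothetical;
      # the post does not say what the numeric columns mean.
      match => {
        "message" => "(?m)^%{TIMESTAMP_ISO8601:syslog_time} <%{DATA:syslog_priority}> %{HOSTNAME:source_host} %{WORD:program}\[%{POSINT:pid}\] %{TIMESTAMP_ISO8601:app_time} %{LOGLEVEL:level} %{NUMBER:app_id} %{NOTSPACE:source_file} %{NUMBER:source_line} Incoming Message:%{GREEDYDATA:RESULTS}"
      }
      # By default grok drops empty captures; keep them so RESULTS exists
      # even when nothing follows the marker on the line.
      keep_empty_captures => true
      # Make parse failures easy to find instead of silently losing the field.
      tag_on_failure => ["_incoming_message_parse_failure"]
    }
    # Trim leading and trailing whitespace around the captured payload.
    mutate { strip => ["RESULTS"] }
  }
}
```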