How to create a field that filters the data

Jennifer_Coley · August 1, 2023, 9:01pm

I have a "message" field contains bulk of data(like customerName,number,address) in logstash,

Now I want to create a new field that filter the data contains only word "Incoming Message:"
I'm using ELK 8.6.0

I am trying to split field "message" that is structured as follows:

'2023-08-01T21:11:54 <local.info> web.site.com IncomingMax1[123] 2023-08-01 11:10:54,123 INFO 987654321 Message.py 12 Incoming Message:'
'<nl John'
'<nl 672-222-2222'
'<nl NC'
'<nl USA'

I would like to split the above data to NEW fields :

Newfield: RESULTS ( that contains all logs having word Incoming Message: )

thanks a lot

system · August 29, 2023, 9:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash filtering Logstash	1	156	August 29, 2023
Unable to create a new Field in Logstash ElasticSearch please help Logstash	1	176	August 30, 2023
Error while creating new Fields in Elastic Search Elasticsearch	1	97	August 31, 2023
Logstash Filter \|\| Json Message to Split Fields Logstash	3	2121	October 14, 2019
Filter from message field Elasticsearch	1	337	December 31, 2018

How to create a field that filters the data

Related topics