How to ingest access_log with x-forwarded-for from oracle http server in elasticsearch

I am new to Elastic and wanting to ingest Oracle http server access_log in elastic. i used apache ingestion, it considers entry as error.message. i used filebeat it does the same. i dont understand how to format it for it to ingest properly.

log entry - - [06/Jan/2022:19:00:02 -0500] 005pFAfC0Ar0zk6pzK_AiW0002ew0003sG "GET / HTTP/1.1" 200 775

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.