Hi Team,
I am new to ELK & GROK filtering . I am trying to parse SAP hana DB audit logs . I am facing one problem .. supposing if a log line consists of " ;;;;;;values>" , if u notice, after 2 values I have 4 semicolons with empty values , but its not always empty , sometimes it has values . So , How can parse logs with semi-colon separated and it sometimes has values and sometimes it wont have data between 2 semi-colons, if i have value , then it parses correctly , otherwise it throws me error. kindly advise.
Sample logs :
2013-11-30 13:04:54;indexserver;myhanablade23.customer.corp;HAN;01;30103;10.29.14.177;lu306309;6776;58060;Alter User Policy;INFO;ALTER USER;SYSTEM;;;;;;ADAMS;SUCCESSFUL;;;;;;alter user ADAMS VAXXXXXXXXXXXXX;434597;
Thanks
Vigneshwaran M
