Is it possible to search for a generic pattern within a log line? Our log lines are a bit disorganized. They come in many different flavors and formats from different systems, but they all contain a date and time stamp. It may be in different positions within the log line, but it does exist. Take …

How to search log line for a specific pattern format

Badger August 27, 2019, 5:04pm 2

Use grok. grok patterns are not anchored, so they will find the date and time anywhere in the line

    grok {
        break_on_match => false
        match => { "message" => [ "\b(?<date>\d{2}/\d{2}/\d{4})\b", "\b(?<time>\d{2}:\d{2}:\d{2})\b" ] }
    }

1 Like

Basic logstash mutations

Topic		Replies	Views
Non standard log lines Logstash	2	1096	July 6, 2017
Grok pattern for date Logstash	6	1691	June 13, 2019
Parse different datetime values into timestamp Logstash	4	604	April 14, 2017
How to parse different time formats Logstash	5	1284	June 8, 2017
Logstash date extraction help Logstash	3	612	December 26, 2016

How to search log line for a specific pattern format

Related topics