How to split Grok Message

Sripal · November 14, 2018, 7:15am

Hi All,

I'm trying to read the access log using gork filter. but i am unable to split the message.
can anybody help.

Here is my config file and sample output

Thanks in advance .

Sripal

Christian_Dahlqvist · November 14, 2018, 7:26am

The pattern you have configured does not match your data. The first field is not a pure IP address, but also seems to contain a port number, which you will need to account for. Have a look at this introductory blog post which shows you how to work with Logstash and develop grok patterns.

Sripal · November 14, 2018, 9:20am

@Christian_Dahlqvist Thank you for the reply. It's very useful to me. I'll let you know my status once done.

Sripal · November 14, 2018, 10:08am

@Christian_Dahlqvist Thank you soo much.
Now its working

system · December 12, 2018, 10:18am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Grok pattern Logstash	5	209	November 30, 2022
Grok filter not working properly Logstash	3	391	February 21, 2019
How to Logstash gork filter with different infos in syslog message field Logstash	6	657	April 8, 2018
Help splitting field into two Logstash	5	475	May 23, 2019
Logstash grok nginx log Logstash	3	441	July 11, 2021

How to split Grok Message

Related topics