Hi,
My log file has different sections. At the beginning it can have a tabular data and then a multiple log lines with format1 and then multiple lines with format 2 etc..
How can I split the log file in to different sections and parse each individual section of lines with a specific way...
For eg.. I want to extract tabular data portion and extract intereseted fields from it using csv filer.
Again in the same log file, I want to extract section having PATTERN1 type lines and parse it using grok filter.
Again in the same log file, I want to extract section having PATTERN2 type lines and parse it using grok filter.
I can identify start of each section in log file by the pattern of the first line.
Is something like this can be achieved using Logstash?
Hi Thanks for your reply. I will check that.
But I have a single log file having multiple csv formats and some non csv formats too..Like below
I need parse each section of different kind of csv formats seperately and extract few fields from it. Also I need to extract few fields from non csv lines having different patterns below too..
I know I can use grok with multiple pattern matches for each line..
But in case of csv data, how would i know which line belongs to what csv format?
since I know header rows before hand, is there some thing that I can use header row for each csv format and say that all the content in the same pattern below it belongs it?
Can you please suggest is there good way to parse these kind of files in logstash?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.