I just created an index using Elasticsearch and Logstash but the fields I've specified using the Logstash filter (grok) aren't really reflecting in Kibana.
Here's my filter -
grok {
match => {"message" => "%{TIMESTAMP_ISO8601:log_time_stamp} [(?<server_name>[\w-.]+)][(?<service_name>[\w-.]+)][(?<thread_id>[\w-.]+)][(?[\w-.]+)][(?<request_id>[\w-.]+)] (?DEBUG|WARN|ERROR|INFO|FATAL)\s{1,2}- (?.*)"}
}
Here's my logs-
2017-01-19 12:45:38,392 [s-app-a-app12][no_data][QuartzScheduler_ru636197190474427086_ClusterManager][svc][no_id] DEBUG - ClusterManager: Check-in complete.
Index create but, does not contain fields from grok !
what is the matter ?
