Is logstash supports multiple grok pattern?

abhishekacharya828 · April 29, 2024, 6:29am

filter {
grok {
match => { "message" => [
"%{TIMESTAMP_ISO8601:timestamp} [%{LOGLEVEL:loglevel}] %{GREEDYDATA:message}",

  "\[%{LOGLEVEL:log_level}\] System Metrics: CPU %{NUMBER:cpu_usage}%\, Memory %{NUMBER:memory_usage}%\, Disk %{NUMBER:disk_usage}%\, Network In %{NUMBER:network_in} Mbps\, Out %{NUMBER:network_out} Mbps \| App Metrics: Requests %{NUMBER:request_time}\, Avg Response %{NUMBER:avg_response_time}ms\, Errors %{NUMBER:error_rate}%"

]}

}
}

here this is the configuration is my logstash , because my logs contain multiple grok pattern so verify this should be correct or not ?

abhishekacharya828 · April 29, 2024, 6:32am

like this

Nabeel_Ahmed_NAK · April 29, 2024, 6:44am

Hi @abhishekacharya828

Yes, Logstash grok filter plugin support multiple pattern to parse data.

Thanks

Nabeel_Ahmed_NAK · April 29, 2024, 6:46am

Just need to follow available options that logstash provided to you.
for example:

Thanks

Topic		Replies	Views
Logstash 8.1 multiple patterns Logstash	2	160	December 22, 2023
Grok filter multiple match Logstash	4	18223	October 31, 2019
Multiple patterns in grok filter Logstash	4	3381	November 16, 2018
Multiple grok pattern, really multiple? Logstash	2	211	April 28, 2022
How to parse single log file with multiple grok pattern Logstash	4	3041	June 1, 2017

Is logstash supports multiple grok pattern?

Related topics