Is logstash supports multiple grok pattern?

abhishekacharya828 · April 29, 2024, 6:29am

filter {
grok {
match => { "message" => [
"%{TIMESTAMP_ISO8601:timestamp} [%{LOGLEVEL:loglevel}] %{GREEDYDATA:message}",

  "\[%{LOGLEVEL:log_level}\] System Metrics: CPU %{NUMBER:cpu_usage}%\, Memory %{NUMBER:memory_usage}%\, Disk %{NUMBER:disk_usage}%\, Network In %{NUMBER:network_in} Mbps\, Out %{NUMBER:network_out} Mbps \| App Metrics: Requests %{NUMBER:request_time}\, Avg Response %{NUMBER:avg_response_time}ms\, Errors %{NUMBER:error_rate}%"

]}

}
}

here this is the configuration is my logstash , because my logs contain multiple grok pattern so verify this should be correct or not ?

abhishekacharya828 · April 29, 2024, 6:32am

like this

Nabeel_Ahmed_NAK · April 29, 2024, 6:44am

Hi @abhishekacharya828

Yes, Logstash grok filter plugin support multiple pattern to parse data.

Thanks

Nabeel_Ahmed_NAK · April 29, 2024, 6:46am

Just need to follow available options that logstash provided to you.
for example:

Thanks

Topic		Replies	Views
Grok filter multiple match Logstash	4	18140	October 31, 2019
Grok The correct syntax to match against multiple patterns Logstash	1	23	August 31, 2024
Grok pattern match for multiple lines Logstash docker	3	879	May 14, 2020
Two or more filters in Logstash Logstash	8	4487	January 16, 2020
How to use multiple filters and multiple Grok filters Logstash	5	14531	May 10, 2018

Is logstash supports multiple grok pattern?

Related Topics