Json to grok pattern

mbvelo · October 25, 2017, 12:25pm

Please asisst, how do i convert a json object to Grok Pattern

magnusbaeck · October 25, 2017, 2:04pm

What does that mean? Perhaps it'll be easier for you to explain if you give an example.

mbvelo · October 25, 2017, 6:11pm

I have a Json Log , i was trying to create a Grok Pattern.

please assist with this config using Filebeat -> Elasticsearch , My Json is not being decomposed.


filebeat.prospectors: 
  - 
    input_type: log
    json.add_error_key: true
    json.keys_under_root: true
    paths: 
      - message.log
output.elasticsearch: 
  hosts: 
    - "http://localhost:9200"

magnusbaeck · October 25, 2017, 7:51pm

Normally one doens't use a grok filter to process JSON logs; you use a json codec or json filter. Individual fields could of course still be processed with grok but that's another matter.

For Filebeat questions please ask in the Filebeat category.

mbvelo · October 25, 2017, 8:17pm

Thank you

system · November 22, 2017, 8:17pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.