I am collecting a hundred types of router logs from a syslog server. I was able to write grok patterns for a few of them and feed them into Elasticsearch and Kibana. But it's becoming a tedious job to write one for each type of log. Can anyone please tell me a better way to parse logs in Logstash?
Below are a few types of logs (there are many other types of logs):
PS: I HAVE WRITTEN THE PATTERN FOR THESE FOLLOWING TYPES OF LOGS. I DON'T HAVE ANY PROBLEM IN WRITING GROK PATTERNS FOR THE LOGS IN MY QUESTION. I GET MANY TYPES OF LOGS FROM MY ROUTER, SO SHOULD I KEEP WRITING GROK PATTERNS OR IS THERE ANY OTHER WAY?
Please format your code/logs/config using the </> button, or markdown style back ticks. It helps to make things easy to read, which helps us help you.
There's also no need to use all caps in your text.
It looks like most of the patterns share the same common elements. Why not create some custom patterns and leverage those?
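
One way to apply the custom-pattern suggestion above, as an added example that is not part of the original thread: parse the shared syslog header once with a named custom pattern, then add body patterns only for the message types whose fields you actually need. The `ROUTER_HDR` name, the field names, the `link`/`login` program names and the sample log lines are all constructed for illustration, since the poster's own log samples are not shown.

```conf
# Constructed sample lines (not from the original post):
#   Mar  3 10:15:02 rtr-edge-01 link: Interface ge-0/0/1, changed state to down
#   Mar  3 10:15:09 rtr-edge-01 login: Login failed for user admin from 192.0.2.44
#   Mar  3 10:16:40 rtr-edge-01 ntpd: clock step +0.013 s

filter {
  # Stage 1: one custom pattern for the header every message type shares.
  # Every log gets timestamp/router/program fields, whatever its body looks like.
  grok {
    pattern_definitions => {
      "ROUTER_HDR" => "%{SYSLOGTIMESTAMP:timestamp} %{SYSLOGHOST:router} %{PROG:program}:"
    }
    match => { "message" => "^%{ROUTER_HDR} %{GREEDYDATA:msg_body}$" }
    tag_on_failure => ["_router_hdr_failure"]
  }

  # Stage 2: body patterns only where the extra fields are worth having.
  # Each grok runs against msg_body, so the header is never repeated.
  if [program] == "link" {
    grok {
      match => { "msg_body" => "^Interface %{NOTSPACE:interface}, changed state to %{WORD:link_state}$" }
      tag_on_failure => ["_link_body_failure"]
    }
  } else if [program] == "login" {
    grok {
      match => { "msg_body" => "^Login %{WORD:login_result} for user %{USERNAME:user} from %{IP:src_ip}$" }
      tag_on_failure => ["_login_body_failure"]
    }
  }
  # Any other program (ntpd in the sample) keeps the header fields plus the
  # raw msg_body, so it is still searchable by router and program in Kibana
  # without a dedicated pattern.

  # Use the router's own timestamp as the event time.
  date {
    match => ["timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss"]
  }
}
```

Searching Kibana for the `_router_hdr_failure` tag then shows which log types do not fit the shared header, which is a shorter list to write patterns for than every message type.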