New to Logstash and I have seen many items that discuss using defined patterns to parse logs but I have some ugly logs that don't fit a defined format. I need to do accomplish two things:
- Parse an ugly time stamp into its own field
- Look for a phrase to get the code value next to it.
Is it correct to use grok for this? I have only seen established patterns that don't fit my logs at all.
8:00:01:495/UTC(10/14/2016) ERROR ShieldWorker : Discovery_Shield:MAJ:Problems with call:org.springframework.web.client.HttpClientErrorException: 401 Unauthorized
I have attempted several iterations using the http://grokdebug.herokuapp.com/