I'm trying to get a log like this from log4net:
[27][14:08:36.584]
[{"name":"Vinicius","SerialNumber":"957593196"}]
[37][14:08:36.584]
[{"name":"Mylonas","SerialNumber":"957593166"}]
...
How can I get this information from these three fields in two lines? Is there any pattern in grok for this?
filter{
grok {
match => {
"message" => ["\[%{NUMBER:threadId}\]\[%{GREEDYDATA:sourceTimestamp}\]"]
}
match => {
"message" => ["\[%{GREEDYDATA:json_data}\]"]
}
}
json{
source => "json_data"
}
}
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.