Logstash-filter-for multiple log formats

dinesh1 · August 6, 2018, 10:53am

Hi,

How to parse logs using filters in logstash, so that i will get fields in kibana

Examples of my logs shown below

2018-08-06 00:00:03,828 [ Logging.java:http-nio-9093-exec-141:50] - Request "{"request":{"device_info":{"device_os_version":"51.4","app_version":"5.4","model_name":"Plus","device_id":"0F2A0199A4B7","uuid":"02A-F3-8199A4B7","time_stamp":"2018-08-06T00:00:02","carrier":"data","device_os":"ios","connection_type":"cellular"},"token":{"username":"2121214072","type":"","visit_type":""}}}"

2018-08-06 00:00:03,829 [ Logging.java:http-nio-9093-exec-141:51] - Response {"status":"SUCCESS","response_code":0,"response_description":"Token Validated Successfully."}

magnusbaeck · August 6, 2018, 11:02am

Use a grok or dissect filter to extract the timestamp, logger name, and JSON string into separate fields, then use a json filter to parse the field with the JSON string.

dinesh1 · August 6, 2018, 11:05am

thanks for your reply,

As Iam new to elk, i don't know about filters, please help me with an example

magnusbaeck · August 6, 2018, 11:26am

See https://www.elastic.co/guide/en/logstash/current/config-examples.html for a few example of filters.

system · September 3, 2018, 11:26am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.