Logstash Filter for Parsing Mule Log

Dhanashree · April 27, 2018, 8:48am

Hi,
I wish to load data from a mule log file to elasticsearch via logstash.
The following is my log data pattern:

2018-04-26 14:35:51,016 [[cif].HTTP_Listener_Configuration.worker.01] INFO org.mule.api.processor.LoggerMessageProcessor - Process Initialised Corelation Id :ee7a310a-a45a-45cd-9159-caba7e6b97e1 , Flowname :XYZ,Process:PurchaseInfo,Source:S2,Target:T2,Status:SUCCESS End of Process

I wish to get only values of Flowname,Process,source,target,status as separate fields after parsing the data. Which filter can be used in logstash config file to achieve this and how it can done?

guyboertje · May 4, 2018, 11:36am

Its hard to help. You only gave one line of data. There are some outdated links if you search the internet but some of the info is relevant.
For instance, there is a JSON logging module for Mule. If you can switch to that then the LS config is much easier and LS performance much better.
If you can't use the JSON logging module, then we will need to see a few samples of (sensitive info scrubbed) the mule logs.
Depending on how regular the log format is you can use Dissect (more regular) or Grok (works for less regular) filters.

Topic		Replies	Views
Unable to parse the mule logs in logstash Logstash	11	1079	January 19, 2021
Filtering log message from Mulesoft app with grok Logstash	1	367	March 24, 2020
Logstash Grok filter for parsing particular log record Logstash	3	831	June 12, 2018
Logstashs event parsing Logstash	4	346	December 2, 2019
Creating Logstash Configuration Logstash	12	1795	July 6, 2017

Logstash Filter for Parsing Mule Log

Related topics