Logstash. Get fields by position number

Paul_Letski · June 17, 2015, 1:42pm

I want to remove them completely.
I got an advice on stackoverflow to use filter like this:

grok {
     pattern => "%{TIMESTAMP_ISO8601:timestamp} %{WORD:app} %{WORD:server} %{GREEDYDATA:message}"
     overwrite => [ "message" ]
}

json {
    source => "message"
}

But now I'm getting error in log about "Trouble parsing json".

Topic		Replies	Views
How to cut and delete elements in a array with Logstash Logstash	6	4298	July 6, 2017
Logstash filter - get field? Logstash	6	885	April 11, 2016
Remove some fields about logstash Logstash	2	498	September 24, 2017
Remove a field that starts with an integer Logstash	12	3828	July 6, 2017
How to use logstash filter Logstash	10	2099	January 18, 2017

Logstash. Get fields by position number

Related topics