^(?:%{LOGLEVEL:level}):\s*%{DATA:message}\s*(?:%{JAVACLASS:caller_class})\s+[%{WORD:loglevel}]\s+([\s*\S+\s+%{BASE10NUM:tstamp}.?]\s+)+([\s\S+\s+%{BASE10NUM:memory}\S*\s+\S+\s+%{BASE10NUM:total}.*?])
I have got this grok pattern, how shall I use this to modify my logtash config or create a new pattern file for this
can someone give me a walkthrough
You can use it directly in a grok filter, or you can store it in a grok pattern file. That's up to you. Whichever option you choose I think it's pretty well documented at https://www.elastic.co/guide/en/logstash/current/plugins-filters-grok.html. Perhaps you have a more specific question?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.