Hi,
I am using a simple pattern which works on grok debugger well but I don't see the fields in Kibana.
I did config test before starting the log stash.
filter {
grok {
match => { "message" => "%{LOGLEVEL:loglevel} %{DATA:class} %{GREEDYDATA:message}" }
}
}
My log : 09 Dec 2016 07:10:38,715 INFO DefaultScreen esapgui - SiteMapServlet value:Spandana
Please help me with this
What do you see in KB then?
This is what i see in Kibana
December 9th 2016, 19:41:52.535 @timestamp:December 9th 2016, 19:41:52.535 beat.hostname:* beat.name:* count:1 fields: - input_type:log message: Dec 2016 07:10:38,715 INFO DefaultScreen esapgui - SiteMapServlet value:spandana offset:2,486 source:C:\Work\Log\sped\test1.log type:log _id:AVjj7Rx5ZBnab9FpdJ8E _type:log _index:filebeat-2016.12.09 _score:
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.