All
I am looking at parsing a log file and inserting it into a MySQL Database. The output works but there seems to be a problem with the date pattern
The following is my log
Feb 15, 2017 09:35:43 AM GMT, INFO - INVALID_VALUES_COUNT = 1
Feb 15, 2017 09:35:43 AM GMT, INFO - BadDataFlag false
Feb 15, 2017 09:35:43 AM GMT, INFO - forecastItem = FH-002527
Feb 15, 2017 09:35:43 AM GMT, INFO - ErrorLog attachment added
Feb 15, 2017 09:35:43 AM GMT, ERROR -
java.lang.Exception: Objects don't exist in Agile for all values in Excel. Please refer ErrorLog in Attachments tab of Forecast Holder for more details.
The my configuration file looks like
input {
file {
type => "weblogic"
path => ["C:\test\logs\CornerStone.log"]
# codec => multiline {
# pattern => "^%{TIMESTAMP_ISO8601}"
# negate => true
# what => previous
# }
}
}
filter
{
if[type] == "weblogic"
{
grok {
match => ["message", "%{DATA:wls_timestamp}GMT, %{WORD:severity}"]
}
mutate { add_field => { "severity1" => "%{severity}" } }
}
}
output {
jdbc {
driver_class => "com.mysql.jdbc.Driver"
connection_string => "jdbc:mysql://localhost:3306/log?user=root&password=admin"
statement => [ "INSERT INTO log.logs(hosname, message, severity) VALUES(?, ?, ?)", "wls_timestamp", "wls_message" ,"severity" ]
}
}
The out put works , except that the severity and timestamp and severity come in as null. Can anyone help with this.
thanks
Riaz Mohamed