I'm trying to parse a tomcat file, but the docs count in Kibana shows 0. It seems like there is something wrong with the filter I have added.
input {
file {
type => 'tomcat'
path => "C:\Users\me\Downloads\access_log.log"
start_position => "beginning"
}
}
filter {
if [type] == "tomcat" {
grok {
match => [ "message", "%{TOMCATLOG}", "message", "%{CATALINALOG}" ]
}
date {
match => [ "timestamp", "yyyy-MM-dd HH:mm:ss,SSS Z", "MMM dd, yyyy HH:mm:ss a" ]
}
}
}
output {
stdout{}
elasticsearch {
hosts => ["localhost:9200"]
}
}