Make Readable message in kibana

Bhavin_Varsur · October 8, 2020, 11:17am

In the above picture you can see message,timestamp and fields which is added by grok pattern.
with use grok pattern take value from message and added into fields(set names in grok).
now in fields you can see values but in the message the values also here and it doesn't make any sense .
I want see in message field only message of log.

for more detail here is my grok pattern :

filter{
        if [fields][log_type] == "gbase"
	    {
	         if [level] in [ "Error", "Fatal" ] 
	         {
			     grok { match=> ["message","%{DATESTAMP:timestamp} %{WORD:processId} %{LOGLEVEL:level} %{USERNAME:logger} %{USER:user} %{URI:requestUrl} %{USER:method} %{IPV4:clientIp} %{GREEDYDATA:message}"]}
	         }
		     else
		     {
			      grok { match=> ["message","%{DATESTAMP:timestamp} %{WORD:processId} %{LOGLEVEL:level} %{USERNAME:logger} %{USER:user} %{IPV4:clientIp} %{GREEDYDATA:message}" ]}
		     }
		
	   }
}

How can I make this ?

system · November 5, 2020, 11:17am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Fields in messages Logstash	4	1522	February 23, 2018
How can I filter certain information from the logs? Kibana	8	446	December 6, 2023
What does the field in Grok "message" do? Logstash	6	22597	July 6, 2017
How to filter my logs Logstash	9	517	June 29, 2018
Need grok pattern for logstash Logstash	7	438	June 29, 2022

Make Readable message in kibana

Related Topics