I have a requirement to match a string out the log, say 'ABC123' or 'XYZ456'.
Once this is identified, I want to assign this string into the output field. How can I do it? I can obviously use add_field with the hardcode value, but it will be tedious to do so and end up with many grok statement. Any better way?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.