Match log.file.path in Grok

How can I get info from log.file.path in grok to put into another custom field?

log.file.path /app/prd1bea/logs/domselftst1prd/mng7node/access.log

Grok (not working):
match => { "log.file.path" => "%{GREEDYDATA:teste}"}

Elastic Stack 7.0


If you have a field called log.file.path with periods in the name (rather than [log][file][path]) then that grok should consume the entire field, and is equivalent to copying it.

What do you want in the field teste?

The field "log.file.path" is generated by Filebeat. But the grok match above is not working to catch that info and insert it into the "teste" field.

After resolving that problem, I'll create another grok pattern to catch the value "mng7node".
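The distinction drawn in the reply above, between a field literally named log.file.path and the nested reference [log][file][path], shown as a Logstash filter. This is an added example, not configuration posted by anyone in the thread; it assumes the event carries the path as nested fields (log, then file, then path), and the names `node_name` and `_path_parse_failure` are hypothetical.

```logstash
filter {
  # "log.file.path" refers to a single top-level field whose name contains
  # dots. If the event holds the path as nested fields, this finds nothing:
  #
  #   grok { match => { "log.file.path" => "%{GREEDYDATA:teste}" } }

  # Nested field reference: log -> file -> path (assumed event layout).
  if [log][file][path] {
    # Copying the whole value needs no grok at all.
    mutate {
      copy => { "[log][file][path]" => "teste" }
    }

    # Capture the directory that directly contains the log file.
    # For /app/prd1bea/logs/domselftst1prd/mng7node/access.log this
    # yields node_name = "mng7node".
    grok {
      match => { "[log][file][path]" => "/(?<node_name>[^/]+)/[^/]+$" }
      # Distinct tag (hypothetical name) so events whose path did not
      # parse can be found separately from other grok failures.
      tag_on_failure => ["_path_parse_failure"]
    }
  }
}
```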
