Hello my friends
I got some logfiles that are fully unstructured
what I am so far done is just for the first line of each log which are DATE HOUR TIMEZONE and some information
%{DATE_YMD:login_date} %{TIME:login_time} %{ISO8601_TIMEZONE:login_timezone} %{GREEDYDATA:unknow} (?<app_server>application-akka.*) (?m)%{GREEDYDATA:unknown2}
DATE_YMD is pattern dir --→ DATE_YMD %{YEAR}/%{MONTHNUM}/%{MONTHDAY}
sometimes my log contains information about client login which is my problem because it goes to another line.
The first question is how should I handle multiple line of a log and second one how to create a different pattern based on login(which can be success or error)
2016/08/05 15:03:40.445 +0430 - [INFO] - from application in application-akka.actor.default-dispatcher-1086
2013/08/05 19:03:40.445 +0430 - [INFO] - from application in application-akka.actor.default-dispatcher-1086
Login success - UserSession info : UserSession{userInfo=UserInfo{type='null', messageId='null', accountNumber='15391272736024 ', customerId='25814687', firstName='something', latinFirstName='null', lastNam='something', latinLastName='null', isCompany=false, bankAccounts=[BankAccount{id=-1, name='something', latinName='something'}], muserid='something', nationalCode='something', appuserId=null, email='something', onlineSessionTime=240, onlineSessionTimeMobile=5, allowSendSms=false, bourseAccountName='something'}, username='something', remoteAddress='something'}
SupervisorActor , forwardToApi method with apiKey =2224 , Class = class something
2015/02/05 19:03:46.445 +0430 - [INFO] - from application in application-akka.actor.default-dispatcher-1086
Login error : {"title":"problem","description":"password is wrong","errorType":"BAD_REQUEST","errorCode":4dddd0037,"UUID":"sdfsfsd66-jj-90"}