Need help in creating grok patterns for haproxy logs

Finally able to get it. Thank you very much for your support.

<%{NUMBER:number}>0 %{TIMESTAMP_ISO8601:timestamp} %{WORD:hostname} (%{WORD:service}-%{WORD:ServiceName}) %{INT:Process} %{PROG:string1} [type=%{PROG:haproxy}] [%{INT:processid}] [%{GREEDYDATA:unixtimestamp}] %{INT:ac}/%{INT:fc}/%{INT:bc}/%{INT:bq}/%{INT:sc}/%{INT:sq}/%{INT:rc} %{INT:Tq}/%{INT:Tw}/%{INT:Tc}/%{INT:Tr}/%{INT:Tt}/({|%{USER:username}|%{GREEDYDATA:LoginTicket}=|%{GREEDYDATA:header}}/) %{PROG:tws} %{IP:ClientIP}:%{INT:ClientPort} %{IP:FrontendIP}:%{INT:FrontendPort} %{IP:BackendIP}:%{INT:BackendPort} %{PROG:Transport_Type}~ RequestCookies=- | "%{WORD:Method} %{URIPATHPARAM:request} HTTP/%{NUMBER:http_version}" %{INT:HTTP_Response_Code} | %{WORD:backend}:%{WORD:backendserver}

2 Likes