Need help to create a grok patter for my syslog pattern

my log message looks like this
Dec 12 12:01:27 ppdtest302 test-checker: Context SHA of TEST Software Version 3.0.1_RC5 0b1f71223180bf0df9330b13e17f8d7c62dfdaad16b97a80b8a25c99409c1109

How do i use a grok pattern to extract the value after 'Version' and SHA value. i basically need the following
Version - 3.0.1_RC5
SHA - 0b1f71223180bf0df9330b13e17f8d7c62dfdaad16b97a80b8a25c99409c1109
Software - TEST
Host - ppdtest302

Welcome to the community.

%{SYSLOGTIMESTAMP}%{SPACE}%{IPORHOST:host}%{SPACE}%{DATA}:%{SPACE}Context SHA of %{DATA:software} Software Version %{DATA:version} %{WORD:sha}

1 Like

Thanks Rios. will try this out.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.