New filed is not showing After using GROK Command

Syed.Ubaid · July 9, 2019, 3:26pm

I have a csv file in which i have only one record which is
Insert_time
13/05/2019 0:00:55
Mobile 923xxxxxxxxx
Telco : Paktel
Mask : 62222
Message : Your MCB Debit Card has been charged PKR x
Now i am using grok message in my config file file has been running successful

but i got this result
i have this config file
input
{
file
{
path => "D:/kibanaproject/grok.csv"
start_position => "beginning"
sincedb_path => "NUL"
}
}
filter {
grok {
match => {
"Message" => [
"Your MCB Debit Card has been charged PKR %{NOTSPACE:Amount}"]

output {
elasticsearch {
hosts => ["localhost:9200"]
index => "testing-%{+dd.MM.YYYY}"
}
stdout {
codec => json_lines
}
Please help at earliest highly appreciated

Syed.Ubaid · July 9, 2019, 3:27pm

ouput will be pkr xx will go in amount column

For supporse PKR 1234 , In Amount column 1234 will be drop if there is something wrong in my config file please help

system · August 6, 2019, 3:27pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Grokparsefailure message in the case of using grok filter Logstash	2	293	September 26, 2019
Logstash grok filter is having issue Logstash	4	670	February 5, 2019
Grok filter log Logstash	8	503	July 4, 2018
Grok filter is not working properly Logstash	10	1286	May 19, 2020
Grok_help Logstash	8	304	June 11, 2018

New filed is not showing After using GROK Command

Related topics