New filed is not showing After using GROK Command

Syed.Ubaid · July 9, 2019, 3:26pm

I have a csv file in which i have only one record which is
Insert_time
13/05/2019 0:00:55
Mobile 923xxxxxxxxx
Telco : Paktel
Mask : 62222
Message : Your MCB Debit Card has been charged PKR x
Now i am using grok message in my config file file has been running successful

but i got this result
i have this config file
input
{
file
{
path => "D:/kibanaproject/grok.csv"
start_position => "beginning"
sincedb_path => "NUL"
}
}
filter {
grok {
match => {
"Message" => [
"Your MCB Debit Card has been charged PKR %{NOTSPACE:Amount}"]

output {
elasticsearch {
hosts => ["localhost:9200"]
index => "testing-%{+dd.MM.YYYY}"
}
stdout {
codec => json_lines
}
Please help at earliest highly appreciated

Syed.Ubaid · July 9, 2019, 3:27pm

ouput will be pkr xx will go in amount column

For supporse PKR 1234 , In Amount column 1234 will be drop if there is something wrong in my config file please help

Topic		Replies	Views
Grokparsefailure message in the case of using grok filter Logstash	2	301	September 26, 2019
Logstash grok filter is having issue Logstash	4	702	February 5, 2019
Grok filter log Logstash	8	527	July 4, 2018
Grok filter is not working properly Logstash	10	1334	May 19, 2020
Grok_help Logstash	8	334	June 11, 2018

New filed is not showing After using GROK Command

Related topics