Parse two log files into Single index in ES via Logstash

sjabiulla · April 30, 2019, 11:37am

Hi,

I have two log files and I want to merge the data from two log files and index the data into the same document.

Log file 1 format:
<JOB_NAME> <APPLICATION_NAME> <STARTED_TIME> <CURRENT_STATUS>

Log file 2 format:
<JOB_NAME> <AVERAGE_TIME_TAKEN>

Currently I'm able to parse the above two log files using two seperate GROK match patterns. But I want to index these two log files in to single index as below.

      {
        "_index" : "my-index",
        "_type" : "doc",
        "_id" : "va_TbWoBfjxVI6P8WKhc",
        "_score" : 1.0,
        "_source" : {
          "@timestamp" : "2019-04-30T10:38:46.065Z",
          "status" : "Completed",
          "@version" : "1",
          "job_name" : "my-job-2",
          "application_name" : "my-app-name",
          "avg_time_taken" : 500
        }

Is this possible via Logstash ?

Badger · April 30, 2019, 2:24pm

Take a look at this.

system · May 28, 2019, 2:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How can I merge two events in logstash? Logstash	5	3399	January 3, 2019
I want to use information from 2 files and insert to elasticsearh as a document Logstash	3	526	August 4, 2017
How can I parse 2 log files to 2 index in Kibana Logstash	6	346	September 15, 2021
How to Merge Two indices into Single using Logstash Logstash	1	349	October 12, 2020
Merge two indexes to one Elasticsearch	5	242	October 9, 2023

Parse two log files into Single index in ES via Logstash

Related Topics