Parse two log files into Single index in ES via Logstash

sjabiulla · April 30, 2019, 11:37am

Hi,

I have two log files and I want to merge the data from two log files and index the data into the same document.

Log file 1 format:
<JOB_NAME> <APPLICATION_NAME> <STARTED_TIME> <CURRENT_STATUS>

Log file 2 format:
<JOB_NAME> <AVERAGE_TIME_TAKEN>

Currently I'm able to parse the above two log files using two seperate GROK match patterns. But I want to index these two log files in to single index as below.

      {
        "_index" : "my-index",
        "_type" : "doc",
        "_id" : "va_TbWoBfjxVI6P8WKhc",
        "_score" : 1.0,
        "_source" : {
          "@timestamp" : "2019-04-30T10:38:46.065Z",
          "status" : "Completed",
          "@version" : "1",
          "job_name" : "my-job-2",
          "application_name" : "my-app-name",
          "avg_time_taken" : 500
        }

Is this possible via Logstash ?

Badger · April 30, 2019, 2:24pm

Take a look at this.

system · May 28, 2019, 2:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How can I merge two events in logstash? Logstash	5	3406	January 3, 2019
Advice needed to index multiple files from logstash to elastic search Logstash	6	407	July 6, 2017
I want to use information from 2 files and insert to elasticsearh as a document Logstash	3	527	August 4, 2017
Join data in two different logs Logstash	2	436	July 6, 2017
How can I parse 2 log files to 2 index in Kibana Logstash	6	346	September 15, 2021

Parse two log files into Single index in ES via Logstash

Related topics