Parse two log files into Single index in ES via Logstash

sjabiulla · April 30, 2019, 11:37am

Hi,

I have two log files and I want to merge the data from two log files and index the data into the same document.

Log file 1 format:
<JOB_NAME> <APPLICATION_NAME> <STARTED_TIME> <CURRENT_STATUS>

Log file 2 format:
<JOB_NAME> <AVERAGE_TIME_TAKEN>

Currently I'm able to parse the above two log files using two seperate GROK match patterns. But I want to index these two log files in to single index as below.

      {
        "_index" : "my-index",
        "_type" : "doc",
        "_id" : "va_TbWoBfjxVI6P8WKhc",
        "_score" : 1.0,
        "_source" : {
          "@timestamp" : "2019-04-30T10:38:46.065Z",
          "status" : "Completed",
          "@version" : "1",
          "job_name" : "my-job-2",
          "application_name" : "my-app-name",
          "avg_time_taken" : 500
        }

Is this possible via Logstash ?

Badger · April 30, 2019, 2:24pm

Take a look at this.

system · May 28, 2019, 2:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Merge two log file using Elasticsearch script Elasticsearch	7	1529	July 5, 2017
Join data in two different logs Logstash	2	446	July 6, 2017
Merging two documents from existing ES indices into a new document Logstash	4	532	December 6, 2019
I want to use information from 2 files and insert to elasticsearh as a document Logstash	3	539	August 4, 2017
Logstash input multiple files output one index elasticsearch failure Logstash	3	2758	February 24, 2017

Parse two log files into Single index in ES via Logstash

Related topics