New to logstash - I'm trying to add a field that contains the http host value ( http://host.domin.com/ ). I have the combinedlog pattern to match the "message" field and now I'm trying to use the addfield but i don't know how to reference the pattern field referrer within the addfield command. addf…

Parsing a message after the pattern

lueneburger (Dirk L.) February 24, 2017, 8:22am 2

Hi cisaksen,

	grok {
		match          	=> [ "message", "(?<httphost>^http://./.?$) "]
    	        }

? will add the new field with the regex you define behind it, like shown above

Topic		Replies	Views
Pattern Matching Logstash	8	1230	April 5, 2017
Can I add (arbitrary) new fields from inside a grok pattern? Logstash	5	1333	March 30, 2017
Add field based on another Logstash	10	451	November 11, 2020
Reference to grok patterns that are in another field of event Logstash	1	233	August 29, 2022
Correct grok pattern? Logstash	4	2193	July 6, 2017