Hello everybody,
I am new here, I am actually trying to understand how works filebeat, logstack, elastic and kibana.
I am actually testing the logstack module and i am actually blocked, I don't understand how i can extract from the log file the information i need. (below is my log i receive)
I want to extract some information from the log and i don't know how to do that with the grok filter.
I am trying to take from the log "clamart" and put it in a field "text"
also
I am trying to take from the log "uas%5Fintranetedf%2B" and put it in a field "database"
21/04/2016 17:11:53 [7] action=QUERY&outputencoding=UTF8&xmlmeta=true&querysummary=true&minscore=20&securityinfo=mPHP&databasematch=uas%5Fintranetedf%2B&combine=simple&predict=false&sort=Relevance&timeoutms=20000&languagetype=frenchUTF8&anylanguage=true&start=1&maxresults=10&totalresults=true&summary=context&characters=260&highlight=summaryterms&text=clamart&fieldtext=BIASVAL%7Bfr%5FFR%2C1%7D%3ABIAS%5FFIELD1%2BAND%2BBIASVAL%7BGed%20Direction%20Groupe%2C%2D20%7D%3AF7 (127.0.0.1)
Maybe it is not the good filter to use ?
If someone can give me an advice, i will be great
Yves