Query on jboss log

Vigneshprasanna · January 31, 2018, 10:13am

Hi,

I'm trying to analyse the jboss log using the elk, In this POC now the data is passing from a file in local through logstach elastic search and comes here to kibana.
in kibana im viewing the below format of data.

In log file
2018-01-31 00:00:08,496 INFO [STDOUT] (http-xxxxx%xxxxx.xxx.xxx.xxx-xxx-4) 00:00:08,496 [xxx.xxxx.xxx.xxx.xxxx] INFO - xxx xxxResponse [ xxxxxx//1/xxxxxT:1:1=xxxxx,ACTIVITY:1:1=ACCOUNTS-BALANCE-ENQUIRY-INT,EFFECTIVE.DATE:1:1=20180118, CUSTOMER:1:1=xxxxxx ]

in the above how to query the customer or any other fields ???

my grok in the .conf file of logstash is

filter {
grok {
match => [
"message",
"%{TIME:time} %{LOGLEVEL:level} [(?[^]]+)] ((?[^)]+)) %{GREEDYDATA:message}"
]
overwrite => ["message"]
}
date {
match => ["time", "MMM dd YYYY HH:mm:ss,SSS"]
remove_field => ["time"]
}
}

In advance thanks for the support

Joe_Fleming · January 31, 2018, 7:12pm

You can use the query bar at the top of Kibana to query the documents using the Lucene query syntax. If you do this in Discover, you'll see the matching documents. If you'd like to visualize this data, use the fields to build your visualization and then you can use the query bar to filter the results being used to create the vis. Likewise, you can use the query bar on the Dashboard to filter data that is used to create all the items on the Dashboard.

system · February 28, 2018, 7:15pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Jboss logdate not searchable in kibana Elasticsearch	1	364	July 6, 2017
GROK filter for JBOSS Logstash	8	8349	July 6, 2017
Logstash Data Filter Logstash	2	365	March 18, 2018
Filter query from file Kibana	3	296	May 23, 2019
Logstash GROK filter query Logstash	8	2022	May 16, 2017

Query on jboss log

Related topics