Read REST API logs and push them to elasticsearch

ayush_rastogi1 · May 13, 2017, 11:12am

Hi Guys,

I am trying to process the Service API request logs and trying to data to elasticsearch

A sample line from my logs look like


"111.125.230.58 - - [13/May/2017:08:50:35 +0000] \"GET /ContentStorageService/coss-test-bucket/resources HTTP/1.1\" 200 272584 \"-\" \"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36\" 166"

I want the following data to go in elaticsearch in in the following format


IP -> 111.125.230.58
Request Type -> 'GET /ContentStorageService/coss-test-bucket/resources HTTP/1.1\"
Status -> '200'
TIME -> 272584

I tried many filters but looks like I couldn't fit any of them into my need.

Is there any suggestion / recommendation for this kind of log processing.

Is there any filter made for this specific task.

Thanks,
Ayush

warkolm · May 14, 2017, 5:18am

That looks like a pretty standard apache log format.
Have you seen grok?

ayush_rastogi1 · May 30, 2017, 4:27pm

Thanks Mark for the reply, I have a working pattern now

system · June 27, 2017, 4:27pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Need advice on AWS logs indexing using logstash Logstash	7	838	July 6, 2017
I try to input csv file into elasticsearch. but always debuging Logstash	1	336	November 27, 2018
ES: Content type detection for rest requests is deprecated - 5.4.X Logstash	1	1204	July 27, 2017
Elasticsearch input with AWS ES as service Logstash	1	623	July 6, 2017
Filter Grok Logstash	7	526	June 4, 2018

Read REST API logs and push them to elasticsearch

Related topics