Read REST API logs and push them to elasticsearch


(Ayush Rastogi) #1

Hi Guys,

I am trying to process the Service API request logs and push the data to Elasticsearch.

A sample line from my logs looks like:

"111.125.230.58 - - [13/May/2017:08:50:35 +0000] \"GET /ContentStorageService/coss-test-bucket/resources HTTP/1.1\" 200 272584 \"-\" \"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36\" 166"

I want the following data to go into Elasticsearch in the following format:

IP -> 111.125.230.58
Request Type -> 'GET /ContentStorageService/coss-test-bucket/resources HTTP/1.1\"
Status -> '200'
TIME -> 272584

I tried many filters, but it looks like I couldn't fit any of them to my needs.

Is there any suggestion / recommendation for this kind of log processing?

Is there any filter made for this specific task?

Thanks,
Ayush


(Mark Walkom) #2

That looks like a pretty standard Apache log format.
Have you seen grok?


(Ayush Rastogi) #3

Thanks Mark for the reply, I have a working pattern now.
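
Added example, not from the thread and not Logstash's own code: the field extraction a grok pattern would perform on the sample line from the first post, written as a Python regex, with the result serialized as an Elasticsearch `_bulk` body. The index name `api-logs`, the output field names, and reading the number after the status as the post's TIME are assumptions.

```python
import json
import re

# Constructed input: the sample line from the first post, kept as posted
# (wrapped in quotes, inner quotes backslash-escaped).
SAMPLE = r'"111.125.230.58 - - [13/May/2017:08:50:35 +0000] \"GET /ContentStorageService/coss-test-bucket/resources HTTP/1.1\" 200 272584 \"-\" \"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36\" 166"'

QUOTED = r'"((?:[^"\\]|\\.)*)"'   # quoted field; tolerates \" inside it
LINE_RE = re.compile(
    r'(\S+) \S+ \S+ \[([^\]]+)\] ' + QUOTED + r' (\d{3}) (\d+|-) '
    + QUOTED + ' ' + QUOTED + r'(?: (\d+))?$'
)

def parse_line(raw):
    """Return the fields of one access-log line, or None if it does not match."""
    line = raw.strip()
    if line.startswith('"') and line.endswith('"'):
        try:
            line = json.loads(line)        # undo the outer quoting of the sample
        except ValueError:
            pass                           # not JSON-quoted; try it as-is
    m = LINE_RE.match(line)
    if m is None:
        return None
    ip, ts, request, status, time_, referrer, agent, trailing = m.groups()
    return {
        "ip": ip, "timestamp": ts, "request": request, "status": int(status),
        "time": None if time_ == "-" else int(time_),   # "TIME" in the post
        "referrer": referrer, "agent": agent,
        "trailing": int(trailing) if trailing else None,
    }

def to_bulk(lines, index="api-logs"):   # index name is an assumption
    """Build an Elasticsearch _bulk body (NDJSON); return (body, rejected)."""
    out, rejected = [], []
    for raw in lines:
        doc = parse_line(raw)
        if doc is None:
            rejected.append(raw)           # keep unparsed lines for review
            continue
        out.append(json.dumps({"index": {"_index": index}}))
        out.append(json.dumps(doc))        # json.dumps escapes untrusted text
    return "".join(item + "\n" for item in out), rejected
```

Request paths and user-agent strings are client-controlled, so the bulk body is built with `json.dumps` rather than string concatenation, and lines that do not match are returned separately instead of being dropped silently.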


(system) #4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.