Hi,
I have a log file which has a header as the first line to represent the log line's type. While parsing with logstash, it happened to parse the header along with the other log lines also but I need to remove the header as i dont want it to be indexed in Elasticsearch.
for example:
Level Date and Time Source Event ID Task Category
Information 10/27/2016 12:18:34 AM Microsoft-Windows-Security-Auditing 4689 Process Termination "A process has exited."
Error 10/27/2016 12:18:34 AM Microsoft-Windows-Security-Auditing 4699 Deadlock "A process has ended in error."
Here, the line that starts with "Level" is a header line. I have to remove this line while parsing.
Please help me doing this.
There may be a possibility that I may have a log file without header also. How should I handler in that case?
Note: This is not a csv file which I am dealing with. It is a normal log file wherein fields are separated by spaces.