Hey guys, i am trying to parse out one particular field from the message log, and include it in the index fields, i am relatively new to the kibana and confused between using the scripting fields or grok filters.
here is my log example : path:/xxxx/log/nginx.log type:xxxx @timestamp: @version:1 host:xxxx message: x.x.x.x x.x.x.x - - [11/Aug/2018:11:11:11 +0000] "GET /xxxxxxxxx HTTP/1.0" 200 35
i wanna parse out the http response code 200 and include it in the index pattern fields. Any help would be greatly appreciated. Thanks
You need to use Logstash and a filter (such as Grok) to do this. Once you used Logstash to create the fields and values you want (e.g. http_code:200) you can use Kibana to create some graphs.
In case of NGINX I think there are pre-made templates available for Grok that will do all the work for you.
do i need to give the number of the place where the http response is present, like here the message is already a field and i need to parse out a value inside the message field ,so do i need to give the place where the http response code is present or something like that
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.