Simple string and Time stamp parse also redirect to CSV file

krishna1 · July 20, 2017, 1:23pm

Dear Folks,

Recently I've started using logstash for parsing the logs, Please help on syntax for parsing the log in for CSV file.

ex:

[Wed May 10 17:18:03.391 2017] PassportMain 17:17:59.319: tvp[tvp_CloseCam/5211](0x8a, ref:0x314): Calling

Expecting CSV Format:

time_stamp(1st col) message(2nd col)
Wed May 10 17:18:03.391 2017(1st col) vp[tvp_CloseCam/5211](0x8a, ref:0x314): Calling (2nd col)

input{
file{
path=>
start_position => "beginning"
sincedb_path => "/dev/null"
}
filter{
#suggestion/help required
grok{match => { "message" => "tvp_*" }}
}
output{
csv{
fields =>["timevalue","functionName"]
path =>
}
}

Thanks in Advance

system · August 17, 2017, 1:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.