Single file multiple log entries

oceanvijai · March 7, 2019, 12:40pm

Hi,
Lets say I have a single log file with heterogeneous entries like this

....
[time] methodName parameter1 parameter2 parameter3
....
[time] networkCall 200 4000
.....
[time] methodName parameter1 parameter2 parameter3
....
[time] networkName 200 4300
.....

Now there are two types of logs here. One I would like to be mode as method, parameters etc
and other I would like to name, response_code and response_time.

How can I convert these information into useful indexes in ES for analysis.
How can build my filter block to achieve this.

Badger · March 7, 2019, 3:48pm

I understand you may not be able to reveal proprietary data, but you are asking us to find a pattern in your data when you do not show us the data.

If the lines that contain methodName always have 3 parameters and the network lines always have two, then you can distinguish them using the number of fields. If that is not the case you are going to have to find some other pattern.

system · April 4, 2019, 3:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filter multiple logs from same file to different index Logstash	2	576	June 23, 2020
How to process heterogeneous logs in one log file Logstash	4	1014	July 6, 2017
Logstash Filter help - Newbie question Logstash	6	317	February 17, 2022
Newbie question: different numbers of URL parameters Logstash	3	658	April 7, 2017
How do I create a filter for a custom app log with different lines? Logstash	10	1381	July 6, 2017

Single file multiple log entries

Related topics