Hello everyone,
I try to create a grok for my spring log message but it seems to not work. Anyone can me help to resolve my grok error ?
You can find here an example of the log file :
2019-12-06 09:36:24,254 INFO com.embisphere.esr.bo.central.service.impl.BarcodeServiceImpl: getEanInformation : Ended. It took : 2 ms
Here is the grok pattern :
"messsage","(?<timestamp>%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME}) %{LOGLEVEL:level} (?<logmessage>.*)"
Thanks a lot
That should be message, not messsage.
I did the change however it still doesn't work...
Hi
The log example you posted, is that one single line?
What does your message look like before applying the grok filter?
What error do you get?
Not sure about the grok syntax, but I´d try something like this:
"message","%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:level} %{GREEDYDATA,logmessage}"
or maybe this
"message","%{GREDYDATA:date} %{GREEDYDATA:time} %{LOGLEVEL:level} %{GREEDYDATA,logmessage}"
and then concatenate dateand time as you see fit.
You may check the available patterns here: https://github.com/logstash-plugins/logstash-patterns-core/blob/master/patterns/grok-patterns
Hope this helps
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.