{"xn":"CSI_IUCPBySL","var":"DEFAULT","c":"olpv081040817257150214","x":"olpv081040817257150214","xst":"20170914T150218.840","xet":"20170914T150218.936","in":{"CallID":"olpv081040817257150214","SearchBy":"TN","TNorBAN":"4046307783"}
This is the log ,I need to retrieve the values xet(End Time) and xst(Start Time) alone and subtract xst from xet to get the duration,can I do this usuing grok
You can use grok but it's better to use a json filter (or possibly a json codec).
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.