Hi
The following pattern in logstash conf not extracting the logappname value.
grok {
match => { "log.file.path" => "%{GREEDYDATA:logappname}"}
}
filebeat value is "log.file.path: C:\Data\Logs\Test_1.log"
Most likely that should be [log][file][path] rather than log.file.path (logstash does not use the same syntax for nested fields that kibana uses).
1 Like
Thanks Lot. It's working fine!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.