Hi
The following pattern in logstash conf not extracting the logappname value.
grok {
match => { "log.file.path" => "%{GREEDYDATA:logappname}"}
}
filebeat value is "log.file.path: C:\Data\Logs\Test_1.log"
Most likely that should be [log][file][path] rather than log.file.path (logstash does not use the same syntax for nested fields that kibana uses).
Thanks Lot. It's working fine!