Hi Folks,
Somehow I am not able to parse the below Text in grok. grokdebug is consistently showing no match.
{"org_name": "google.com", "org_email": "abuse-support@google.com", }
Here are my parser which are pretty basic
\{\"%{WORD:method}\"\:\s*\"%{WORD:orig}\"\,
Hi,
Here's a grok pattern that works
%{DATA}\s*:\s*%{DATA:org_name},\s*\s*%{DATA}\s*:\s*\s*%{DATA:org_email},
This is the result that i've got
{
"org_email": ""abuse-support@google.com"",
"org_name": ""google.com""
}
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.