Ipsidash
(Ipsita Dash Sahu)
May 22, 2021, 4:21pm
1
Hi,
I have an access.log for which I need a grok filter to ingest logs into Logstash. I am passing the grok filter in logstash.conf.
Access.log:
144.70.113.111 - - [16/May/2021:23:40:32 -0400] [https-jsse-nio-8443-exe-40] 372bcb7832464258b3fb3bfc8324053 "GET /api/v3/projects/1103/test-runs?parentType=test-suit&parentID=null HTTP/1.1" 200 240 26
Grok filter didn't work:
grok { match =>["message","%{COMBINEDAPACHELOG}"]}
Thanks,
Ipsita Dash
COMBINEDAPACHELOG expects useragent and referer fields to be present. Your log format looks like HTTPD_COMMONLOG.
Actually your format is not HTTPD_COMMONLOG either. You will need a custom pattern. You can use the examples I linked to as a starting point.
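An added example (not part of the thread, and not Logstash's own code): a small Ruby grok-style expander showing the kind of custom pattern the reply calls for matching the posted line, while a COMBINEDAPACHELOG-shaped pattern fails on it. The pattern bodies are simplified stand-ins for the real base patterns, and the field names thread, request_id and duration are assumptions about columns the post does not describe.

```ruby
# Simplified stand-ins (assumed) for a few grok base patterns.
PATTERNS = {
  "IPORHOST" => '[0-9A-Za-z.:-]+',
  "USER"     => '[A-Za-z0-9._-]+',
  "HTTPDATE" => '\d{2}/[A-Za-z]{3}/\d{4}:\d{2}:\d{2}:\d{2} [+-]\d{4}',
  "DATA"     => '.*?',
  "NOTSPACE" => '\S+',
  "WORD"     => '\w+',
  "NUMBER"   => '\d+(?:\.\d+)?',
  "QS"       => '"[^"]*"'
}.freeze

# Expand %{NAME:field} into a named group; anchor so a partial match fails.
def grok_compile(expr)
  body = expr.gsub(/%\{(\w+)(?::(\w+))?\}/) do
    name, field = $1, $2
    re = PATTERNS.fetch(name) { raise ArgumentError, "unknown pattern #{name}" }
    field ? "(?<#{field}>#{re})" : "(?:#{re})"
  end
  Regexp.new("\\A#{body}\\z")
end

# Returns a Hash of field => string, or nil when the line does not match.
def grok_match(expr, line)
  m = grok_compile(expr).match(line)
  m && m.named_captures
end

PREFIX = '%{IPORHOST:clientip} %{USER:ident} %{USER:auth} \[%{HTTPDATE:timestamp}\] '
REQ    = '"%{WORD:verb} %{NOTSPACE:request} HTTP/%{NUMBER:httpversion}" ' \
         '%{NUMBER:response} %{NUMBER:bytes}'

# COMBINEDAPACHELOG shape: request after the timestamp, then referrer and agent.
COMBINED_LIKE = PREFIX + REQ + ' %{QS:referrer} %{QS:agent}'
# Custom pattern for the posted format. thread, request_id and duration are
# assumed names; the post does not say what those columns mean.
ACCESS = PREFIX + '\[%{DATA:thread}\] %{NOTSPACE:request_id} ' + REQ +
         ' %{NUMBER:duration}'

# Sample line copied from the original post.
SAMPLE = '144.70.113.111 - - [16/May/2021:23:40:32 -0400] ' \
         '[https-jsse-nio-8443-exe-40] 372bcb7832464258b3fb3bfc8324053 ' \
         '"GET /api/v3/projects/1103/test-runs?parentType=test-suit&parentID=null HTTP/1.1" ' \
         '200 240 26'

if __FILE__ == $PROGRAM_NAME
  p grok_match(COMBINED_LIKE, SAMPLE)  # nil: '[' where the quoted request is expected
  p grok_match(ACCESS, SAMPLE)
end
```

The ACCESS string is written in grok syntax using only base pattern names that ship with Logstash, so the same expression can be tried in a grok match on the message field.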
Ipsidash
(Ipsita Dash Sahu)
May 25, 2021, 7:27am
5
I can't find the linked example. Can you please link it again?
The httpd-related patterns are here.
Ipsidash
(Ipsita Dash Sahu)
May 25, 2021, 2:33pm
7
Thank you, I will go through it.
I too have the same issue. Great update, thank you for fixing this issue.
system
(system)
Closed
June 22, 2021, 2:46pm
9
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.