Urgent Help : How to Parse nested XML (Key value patterns) with multiple Parent children

sonirajil · August 22, 2022, 5:05am

Thanks for your quick response Badger , in interest of time in case If I need just specific fields with corresponding values instead of flattening whole hierarchy e.g. specifically
BatteryHealthCode
ChargeCapacity
PartNumber
SerialNumber
from parent xmldata.command.sendTerminalProperties.group.name : Battery .
Is there any other way like split or something you can advise .
I tried split which you suggested in below (might be ,my code is not correct)

filter {
    grok {
                match => { "message" => "^%{TIMESTAMP_ISO8601:timestamp}\s+%{LOGLEVEL:loglevel}\s+(\[)%{DATA:logger}(\])\s+%{DATA:command} (\|)%{DATA:output}?\s*$(?<stacktrace>(?m:.*))" }
        }
     if "<?xml" in [stacktrace]
      {
      xml {
    source => "stacktrace"
    target => "xmldata"
        }
}
         split { field => "[xmldata][command][sendTerminalProperties][group][name]" }
         split { field => "[xmldata][command][sendTerminalProperties][property][name]" }
         split { field => "[xmldata][command][sendTerminalProperties][property][value]" }

}

Request advice.

Topic		Replies	Views
Possible to Parse Nested XML Data structures and combine parent with child Logstash	7	1390	March 11, 2019
Logstash - XML Filter not working properly Logstash	15	1803	May 12, 2019
Multiple Nested JSON Parse Logstash	3	666	November 27, 2018
Parsing nested XML with logstash Logstash	4	1370	November 4, 2019
Nested Json to parse Logstash	9	11959	October 27, 2017

Urgent Help : How to Parse nested XML (Key value patterns) with multiple Parent children

Related topics