Hi Techs and experts,
I need help to configure logstash to extract the fields from a log file which has multiple lines like the following :
<134>Agent_Local_Date="2019.01.11" Agent_Local_Time="1/11/2019 4:07:06 AM" Agent_UTC_Date="2019.01.11" Agent_UTC_Time="1/11/2019 3:07:06 AM" Application="firesvc.exe" Classification_Content_Pattern="" Classification_Frequency="" Classification_Policy="" Classification_Rule="" Classification_Type="" Computer_Name="france-ad\AFR648087" Computer_Type="0" Custom_Computer_Group="Groups\ATTR-Win7" Custom_Date_1="" Custom_Date_2="" Custom_Date_3="" Custom_Date_4="" Custom_Int_1="" Custom_Int_2="" Custom_Int_3="" Custom_Int_4="" Custom_String_1="" Custom_String_2="" Custom_String_3="" Custom_String_4="" Custom_String_5="" Custom_String_6="" Day_of_Week="6" Dll_Base="" Dll_Created_Local_Time="" Dll_Load_Local_Time="" Dll_Load_UTC_Time="1/11/2019 3:07:06 AM"
each key is already named and I need to create fields with the same name using the value into quotes.
I also need to get the time values extracted as timestamp and not only string.
So I'll probably need multiple operations to be achieved by Logstash but I don't know how to do it.
Your expertise will be really appreciated
Thank you very much