So I have been trying to figure out how to use grok on just one field from the input. Specifically, I'm using the beats input to get all my logs, and it automatically produces a bunch of fields for kibana. One of those fields is a string that contains the log that I want to break apart. Is there a w…

Using grok on just one field

Badger July 30, 2018, 6:40pm 4

To refer to a nested field, you specify the full path to that field: [top-level field][nested field].

But _source is an elasticsearch concept. It is not present in logstash.

1 Like

Topic		Replies	Views
Can I use grok filter on a nested filed Logstash	2	371	July 6, 2017
Matching a nested field in a JSON formatted log Logstash	3	1056	June 12, 2019
How obtain only a part of the log? Logstash	3	306	February 26, 2019
Grok on source field Logstash	3	2451	March 21, 2018
How to check if there is some specific field under fields Logstash	2	442	December 14, 2016