Want to extract the logs based on keyword

Hello,

I have a log below:

Jun 05, 2017 6:45:07 AM sai.pollers.SaiDbPollerServlet handleNotification
INFO: msg ======== MapMessage[null]
Jun 05, 2017 6:45:07 AM sai.mdb.framework.SaiMessageDrivenBean onMessage
INFO: Enter sai.mdb.service.client.SynapseERPSesamOrderTrackingBean.onMessage()
Jun 05, 2017 6:45:07 AM sai.pollers.SaiPollerServlet info
INFO: SESAM0SYNAPSE_QUOTE_OPT248516965FI62604132248516965<map

how to extract the logs based on the keywork "INFO:" and until it gets next "INFO:", all comes in a single message.

Have you looked at the multiline codec?

Hi,

Yes I have tried the multiline coded but it doesn't work.

Can you please share the sample configuration file that search for keyword "Hello" in the logfile.

Regards,
Anupam

Yes I have tried the multiline coded but it doesn't work.

What did you try?

Can you please share the sample configuration file that search for keyword "Hello" in the logfile.

See Accessing Event Data and Fields in the Configuration | Logstash Reference [5.4] | Elastic.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.