No, you have to create it yourself. /etc/logstash/patterns would be a good choice.
what if i installed logstash using tar file not rpm or deb file and created ./pattern directory in extracted logstash directory then how will you set the path for ./pattern directory for logstash configurations ?
The Custom Patterns section of the grok filter documentation should explain this. If not please be more specific about what is unclear.
Suppose, I have logstash configuration file with "logstash.yml" where we define configuration regarding logstash using ".yml" extension similarly, what would be the extension for custom grok pattern files ?
Not sure exactly what you're asking, but it sounds like something you could use custom grok patterns for.
yeah, you're right but here scenario is different.
Suppose, We have our own list of critical error code with error description in a csv format. but which log files we are parsing it does'nt have any error code. so in that scenario i had to match it's error description to my csv file and assign that error to a specific error code how can we do that ?
Is there any option to load custom csv or json file to load statically and used it for comparison of event logs statement ?