Home > Software design >  Grok pattern (regex) to filter data from nested brackets
Grok pattern (regex) to filter data from nested brackets

Time:05-21

I've tried to apply grok pattern to filter nested brackets in the logs which is as below,

[2022-05-20T02:21:54.715] [INFO] [{"id":"876g4jd8v36w0dhna2","data":"fetching public base-plans ..."}]

My grok pattern looks like this. But here, I'm unable to parse nested brackets (brackets inside brackets). Any help is much appreciated, since I'm trying this for long.

\[%{TIMESTAMP_ISO8601:time}\] \[%{WORD:logLevel}\] \[%{DATA:id}\]

CodePudding user response:

This will working fine.

\[%{TIMESTAMP_ISO8601:time}\] \[%{WORD:logLevel}\] \[\{\"%{GREEDYDATA:id}\"\}\]

grok pattern

CodePudding user response:

Below is working fine and will filter as expected (regex)

filter {
  grok {
    match => { "message" => "\[%{TIMESTAMP_ISO8601:time}\] \[%{WORD:logLevel}\] \[\{\"id\":%{DATA:id},\"data\":%{DATA:response}\]"}
  }
}

Page link:https//www.codepudding.com/Softwaredesign/414224.html

Prev:botocore.exceptions.ClientError: An error occurred (UnauthorizedOperation) when calling the Describe
Next:How to save images to a folder from web scraping? (Python)
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding