Home > Software design >  How to filter out the file path using grok filter and add as new field
How to filter out the file path using grok filter and add as new field

Time:06-28

I want to filter out scm_output portion from /lib/logs/scm_output.log this file path and abc_output from this file path , /lib/logs/abc_output.log, and add new fields as scm_output & abc_output.

I have tried this,

grok {
        match => { "[log][file][path]" => "%{PATH}%{GREEDYDATA:name}\.* %{GREEDYDATA}.log" }
   }

But not getting any result.

I am new to ELK and GROK filter, please help me to filter these.

CodePudding user response:

The below grok pattern should work for you

grok
{
match => {"message" => "%{GREEDYDATA:PATH}/%{GREEDYDATA:filename}.log"}
}

Keep Posted!!! Thanks !!!

Page link:https//www.codepudding.com/Softwaredesign/456136.html

Prev:Add Nested To Aggregations
Next:How to combine Boolean AND with Boolean OR in Elasticsearch query?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding