elasticsearch internationalization logstash grok logstash-grok

Split Logstash/grok pattern that has international characters

Running into this issue.

I need to split up urls to get values from them. This works great when its all english.

URL = /78965asdvc34/Test/testBasins

Pattern = /%{WORD:org}/(?i)test/%{WORD:name}

I get this in the grok debugger. {"org":[["78965asdvc34"]],"name":[["testBasins"]]}

If I have international characters, grok does not read them with the pattern above.

/78965asdvc34/Test/浸水Basins

Any thoughts how to get this to work? This value can be in any language in the logs, and hopefully there is a way to get it out.

Solution

Have you already tried

/%{WORD:org}/(?i)test/%{GREEDYDATA:name}

From hurb.

Thanks Hurb. GREEDYDATA worked.

What is the difference between CONTAINS and WITHIN on Elasticsearch GeoShape queries?
Grafana - Elasticsearch dashboard variable does not provide any results
How to log using serilog to elasticsearch with Elastic.Serilog.Sinks in .net application
What's "EIO: i/o error, write" in node.js and how do I eliminate it?
Kibana has strict security requirements enabled that your current browser does not meet
What's the difference between search-as-you-type and context suggester?
Convenient time string parsing in python
ElasticSearch in Spring with @Query
What is the best practice for ensuring idempotency for downloading a binary with Ansible?
Logstash install error: can't get unique system GID (no more available GIDs)
Can't configure elastic search with spring boot in docker network
`index_prefixes` in OpenSearch?
How to get latest values for each group with an Elasticsearch query?
What does it mean when an Elasticsearch index has yellow health?
Is it possible to transfer data from Redshift to Elasticsearch?
How elastic queries work with contradicting statements
Can filebeat dissect a log line with spaces?
How to undo setting Elasticsearch Index to readonly?
Date range filter not getting excluded from date histogram under global aggregations in elastic query
"United States" not ["United","States"]
Get all field names in an index elasticsearch python
How to really reindex data in elasticsearch
elasticsearch match_phrase returns same score for fields with exact and not exact match
inner_hits aggregations in ElasticSearch
Sorting a reverse nested back to parent aggregation
Elasticsearch: how to list roles assigned to the current SSO user via role mappings
How to setup password for elasticsearch users?
OpenSearch prevent script_score from running more than once
Elasticsearch intermittently killed
Elasticsearch: Job for elasticsearch.service failed