I have the following log:
2016-10-20T23:56:42.000+00:00 clientIp:83.149.9.216 TransactionId=1233 TransactionType=Sell
How can i ignore the words clientIp:, TransactionId= and TransactionType= to match only the values?
If I modify my log to look like this:
2016-10-20T23:56:42.000+00:00 83.149.9.216 1233 Sell
And I use this pattern:
%{TIMESTAMP_ISO8601:timestamp} %{IP:clientIp} %{NUMBER:TransactionId} %{WORD:TransactionType}
It works. So i need a way to read only the values after "word:" or "word="
Your pattern can include literals, e.g.
TransactionId=%{NUMBER:TransactionId}