I have a log sample in log file. I want to write a grok pattern in a logstash configuration file.
Please suggest me the possible right way to write the grok pattern for the same.
2019-01-10 15:33:38.365 INFO 4228 --- [http-nio-8080-exec-6] c.e.h.e.ELKController: /elkdemo - > Hello user ! Thu Jan 10 15:33:38 IST 2019
Depends on the fields you want to extract.
Suggestion :
grok {match => [
"message" , "%{YEAR:year}-%{MONTHNUM:month}-%{MONTHDAY:day} %{TIME:time} %{LOGLEVEL:logLevel} %{NUMBER:id} --- %{DATA:thread} %{DATA:operation} %{GREEDYDATA:thread}"
]
}
You can debug your pattern here