
Logstash Directory pattern in grok


I am having trouble getting the 4th level of a folder structure. I am attempting to get the component of the application added as a field in Kibana. The component appears in the path field at the 4th level:

/apps/logs/ABC/abc-permit-api/abc-permit-api.log

I would like to get the last level of the directory structure which is abc-permit-api. I have been trying to get it with no success:

([^/])+%{GREEDYDATA:msg}

which gives me:

{
  "msg": [
    [
      "/logs/ABC/abc-permit-api/abc-permit-api.log"
    ]
  ]
}

Thanks a lot


Solution

  • If you know that this will always look at the fourth level out of five and that it will always contain similar combinations of characters, this should be trivial.

    Something like this can help you:

    /%{GREEDYDATA}/%{GREEDYDATA}/%{GREEDYDATA}/%{GREEDYDATA:msg}/%{GREEDYDATA}
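
Added example (not part of the original question or answer): a small Ruby check that compares the GREEDYDATA pattern above with an anchored alternative on a five-level path and on a deeper one. The `grok_to_regexp` helper, the `ANCHORED` pattern, the `component` field name and the six-level path are assumptions made for illustration; the helper knows only GREEDYDATA, which grok defines as `.*`.

```ruby
# Illustration only: a minimal grok-to-regex expander (hypothetical helper).
# It knows a single grok pattern, GREEDYDATA, which grok defines as `.*`.
GROK_DEFS = { 'GREEDYDATA' => '.*' }.freeze

# Expand %{NAME} and %{NAME:field}: a named capture when a field is
# given, a non-capturing group otherwise.
def grok_to_regexp(pattern)
  src = pattern.gsub(/%\{(\w+)(?::(\w+))?\}/) do
    body  = GROK_DEFS.fetch(Regexp.last_match(1))
    field = Regexp.last_match(2)
    field ? "(?<#{field}>#{body})" : "(?:#{body})"
  end
  Regexp.new(src)
end

# Return the value captured into `field`, or nil when the pattern fails.
def extract(pattern, field, path)
  m = grok_to_regexp(pattern).match(path)
  m && m[field]
end

# Pattern from the answer above.
GREEDY = '/%{GREEDYDATA}/%{GREEDYDATA}/%{GREEDYDATA}/%{GREEDYDATA:msg}/%{GREEDYDATA}'
# Assumed alternative: anchor at the start, skip exactly three segments
# that cannot contain "/", then capture the fourth.
ANCHORED = '^/(?:[^/]+/){3}(?<component>[^/]+)/'

FIVE_LEVELS = '/apps/logs/ABC/abc-permit-api/abc-permit-api.log'          # from the question
SIX_LEVELS  = '/apps/logs/ABC/abc-permit-api/archive/abc-permit-api.log'  # constructed

if __FILE__ == $PROGRAM_NAME
  [FIVE_LEVELS, SIX_LEVELS].each do |path|
    puts path
    puts "  greedy   msg       = #{extract(GREEDY, 'msg', path).inspect}"
    puts "  anchored component = #{extract(ANCHORED, 'component', path).inspect}"
  end
end
```

Because `.*` can match across `/`, the GREEDYDATA pattern only lands on the fourth level when the path has exactly five levels; on the deeper path it captures a different segment. Grok accepts the `(?<field>...)` named-capture syntax directly, so the anchored expression can be used as the match pattern for the `path` field.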